Configuring web personalization security
Use web personalization security to add an extra layer of security to individual contact fields to ensure that sensitive data is only displayed to trusted contacts. Trusted contacts are those who have opened and clicked-through an email sent by Oracle Eloqua. This feature is available for web data lookups and field merges used on external and internal landing pages that pull data from the contact record.
Note: Web personalization security settings do not impact email field merges, dynamic content, cloud content, or custom objects.
Web Personalization Security is configured for each contact field individually and controls the behavior of the contact field when used by field merges and web data lookups. The field has two settings:
- Show to Trusted Visitors Only: A contact data field with this setting is only displayed to visitors who have undergone an additional form of verification. Trusted contacts are those who have opened and clicked-through an email sent by Oracle Eloqua. Contacts who have not undergone additional verification will see data they have previously entered from their browser or the default value (when field merges are used). This is the default option.
- Show to All Known Visitors: A contact data field with this setting is displayed to all visitors linked to a contact, regardless of whether they have been verified or not.
The table below shows the behavior of field merges and web data lookups depending on a contact field's Web Personalization Security setting and whether or not a visitor is trusted:
|
Web personalization security setting on contact field |
Visitor status |
Contact field data (title) |
Field merge default / data entered by visitor in browser |
Data displayed to visitor |
|---|---|---|---|---|
|
Show to All Known Visitors |
Trusted |
Senior Manager |
Student |
Senior Manager |
|
Show to All Known Visitors |
Known Visitor (Not Verified) |
Senior Manager |
Student |
Senior Manager |
|
Show to Trusted Visitors Only |
Trusted |
Senior Manager |
Student |
Senior Manager |
|
Show to Trusted Visitors Only |
Known Visitor (Not Verified) |
Senior Manager |
Student |
Student |
Note: When creating a web data lookup, ensure the Restricted setting is checked. Unrestricted web data lookups will result in data being displayed to all visitors. Learn more about creating web data lookups.
The web personalization security setting is referenced by web data lookups and field merges in all situations except when placed on PURL (Personal URL) pages and pages with a PURL in the URL. These pages treat all visitors as Trusted and should be treated as public web pages in terms of data privacy. Authenticated microsites should be leveraged by marketers needing to expose sensitive data to a single contact.
Important: When merging a PURL string into a URL, ensure the PURL contact field is set to Show to All Known Visitors, or that the default value will not result in a URL breaking string.
Tip: To view the web personalization security settings for all contact fields, navigate to Settings 
> Security in the Users and Security area > Web Personalization Security.
To configure web personalization security for a contact field:
- Click Settings .
- Click Fields & Views in the Database Setup area.
- Select a contact field.
- Update the Web Personalization Security setting by selecting either Show to All Known Visitors or Show to Trusted Visitors Only.
Note: Show to All Known Visitors is the default option.
- Click Yes in the confirmation window to proceed with the update.
