Server-to-Server - Fundamentals
Implement Singular's REST API for complete server-side tracking as an alternative to SDK integration, enabling full control over data collection, transmission, and attribution workflows.
Choosing your integration: SDK or S2S? If you can embed a client SDK, start with the SDK integration docs . Use Server-to-Server when you need server-side event delivery, are on a platform without an SDK, or want full control over data collection. This suite covers the S2S path and is the shared reference for the Mobile, Web, and PC/Console S2S guides.
Overview
Server-to-Server Use Case
Server-to-server (S2S) integration provides REST API endpoints for building complete attribution and analytics solutions running from your backend infrastructure without embedding Singular SDK in client applications.
Integration Approaches:
- Pure S2S: 100% server-side implementation handling both session and event tracking
- Hybrid: Singular SDK manages sessions while server-side handles event tracking
Hybrid Integration Pattern
Hybrid integration combines Singular SDK for session management with server-side EVENT API for backend event tracking, balancing ease of implementation with server-side flexibility.
Hybrid Benefits:
- SDK handles complex session logic, deep linking, and device data collection automatically
- Server sends events for transactions processed in backend systems
- Reduced client-side implementation complexity
- SESSION endpoint not required—SDK manages session lifecycle
Device Data Retrieval Methods:
- Client-Managed Flow: Capture required data points on client and forward to server via internal API for use with Singular EVENT endpoint
- Internal BI Postback: Configure Singular Internal BI postback to receive real-time JSON payload with device identifiers after install, re-engagement, or events ( Setup Guide )
Device Graph Maintenance: Both methods require server-side logic to maintain device graph. When SDK detects device identifier changes, update server accordingly to ensure accurate tracking.
Implementation Resources:
- EVENT Endpoint Required Parameters
- Retrieving Device Data Guide (iOS/Android code samples)
Key Integration Principles
| Principle | Description |
|---|---|
| Flexibility | Full control over data collection and transmission timing |
| Feature Parity | Supports all SDK functionality when proper data provided |
| Integration Path | Client → Your Server → Singular API |
| Real-time Processing | One request at a time—no batch processing support |
| Sequential Flow | Events must be processed chronologically |
| No Deduplication | Singular does not deduplicate—implement server-side deduplication |
| Data Permanence | Device-level data cannot be deleted after ingestion—validate before sending |
Integration Requirements
Pure S2S integration requires comprehensive data pipeline implementation for session and event tracking.
- Data Collection: Collect required data points from client applications
- Device Graph: Forward data to server and maintain device identifier storage
- Session Requests: Send session notifications via SESSION API
- Response Handling: Process and relay Singular responses back to client app
- Event Requests: Forward events via EVENT API
Related S2S Guides
This article is the shared reference for the S2S suite. Use the guide that matches your platform, and the endpoint references for full parameter detail.
Platform guides
Endpoint references
Feature guides
REST API Endpoints
Singular provides two primary REST API endpoints for server-to-server session and event tracking.
Session Endpoint
Session Tracking API
SESSION endpoint notifies Singular of app open events to initialize user sessions for attribution and retention tracking.
GET https://s2s.singular.net/api/v1/launch
Complete reference: SESSION Endpoint API Reference
Event Endpoint
Event Tracking API
EVENT endpoint tracks in-app events and revenue for attribution analysis and campaign optimization.
GET https://s2s.singular.net/api/v1/evt
Complete reference: EVENT Endpoint API Reference
Common Parameters
These parameters are shared across the SESSION and EVENT endpoints of Singular's S2S REST API. This section holds their canonical definitions; other S2S articles link here rather than redefining them.
Authentication
| Parameter | Details |
|---|---|
a
|
Singular SDK Key for API authentication. Retrieve from: Singular UI → Main Menu → Developer Tools . Important: Do not use the Reporting API Key. Requests will be rejected.
Example:
|
Device Identifiers
Device identifiers vary by platform and availability. Include all applicable identifiers for your platform. Omit any identifier that is unavailable—never pass NULL or an empty string.
| Parameter | Details |
|---|---|
idfa
|
Platform: iOS Identifier for Advertisers (IDFA) enables ad tracking and campaign attribution. ATT requirement: iOS 14.5+ requires user opt-in via the App Tracking Transparency framework.
Example:
|
idfv
|
Platform: iOS Identifier for Vendors (IDFV) remains consistent across all apps from the same vendor. Always required: Must be included regardless of ATT status or IDFA availability.
Example:
|
aifa
|
Platform:
Android
Google Advertising ID (GAID) enables user-resettable advertising tracking on Android.
Example:
|
asid
|
Platform:
Android
Android App Set ID provides privacy-conscious cross-app tracking for the same developer. Always required: Must be included on Google Play devices regardless of GAID availability.
Example:
|
amid
|
Platform:
Android
Amazon Advertising ID for Amazon devices without Google Play Services.
Example:
|
oaid
|
Platform:
Android
Open Advertising Identifier (OAID) for Chinese-manufactured devices without Google Play Services (Huawei, Xiaomi, OPPO, etc.).
Example:
|
andi
|
Platform:
Android
Android ID is a device-generated 64-bit identifier. Restricted use: Prohibited on Google Play devices—use AIFA and ASID instead. Only send if no other identifiers are available and the app is not distributed via Google Play.
Example:
|
sdid
|
Platform: iOS, Android, PC, Xbox, PlayStation, Nintendo, MetaQuest, CTV Singular Device ID is a client-generated anonymized UUIDv4 representing a unique app install. Primary identifier: Only device identifier relevant for PC and console applications.
Example:
|
Device Parameters
| Parameter | Details |
|---|---|
p
|
Platform of the application. Allowed values (case-sensitive):
Example:
|
ip
|
Example:
|
ve
|
Example:
|
ma
iOS, Android |
Device make (manufacturer name). Must be used with
Example:
|
mo
iOS, Android |
Device model. Must be used with
Example:
|
lc
iOS, Android |
IETF locale tag—two-letter language and country code separated by an underscore.
Example:
|
bd
iOS, Android |
Device build identifier, URL-encoded.
Example:
|
Application Parameters
| Parameter | Details |
|---|---|
i
|
App identifier (case-sensitive).
Example:
|
app_v
|
Example:
|
att_authorization_status
iOS |
App Tracking Transparency (ATT) status code (iOS 14.5+). Status values:
Always required:
Even if ATT is not implemented, pass
Example:
|
Network and Location Parameters
| Parameter | Details |
|---|---|
use_ip
|
Instructs Singular to extract the IP address from the HTTP request instead of the
Limitations:
Example:
|
country
|
ISO 3166-1 alpha-2 two-letter country code.
Required when:
IP address is not available or
Example:
|
ua
|
URL-encoded User Agent string.
Raw:
Example:
|
c
iOS, Android |
Network connection type.
Allowed values:
Example:
|
cn
iOS, Android |
Example:
|
Data Privacy Parameters
| Parameter | Details |
|---|---|
data_sharing_options
|
JSON URL-encoded end-user consent for data sharing. Must persist and be passed on all subsequent SESSION and EVENT requests. User consented (opted-in):
User refused (opted-out):
Example:
|
dnt
iOS, Android |
Do Not Track status.
Example:
|
dntoff
iOS, Android |
Indicates if Do Not Track is OFF.
Example:
|
Cross-Device Support
| Parameter | Details |
|---|---|
custom_user_id
|
Your internal user ID for cross-device tracking. No PII: Do not pass personally identifiable information. Use a hashed or otherwise anonymized internal identifier, not raw email addresses, phone numbers, or names.
Example:
|
Implementation Phases
Successful S2S integration requires four key implementation phases executed sequentially for optimal data quality and attribution accuracy.
Phase 1: Data Collection
Required Data Points
Establish robust data collection strategy capturing all required parameters for Singular platform functionality.
All Required Parameters Mandatory: Omitting required parameters results in data discrepancies and attribution errors. No parameters are optional.
Async Function Handling: When collecting client-side data for server transmission, wait for asynchronous functions to complete and handle edge cases. Common issue causing missing data and partial attribution.
Implementation Resources:
- SESSION Endpoint Required Parameters
- EVENT Endpoint Required Parameters
- Retrieving Device Data Guide (iOS/Android code samples)
- SKAdNetwork 4 Implementation Guide (iOS specific data points)
Phase 2: Real-Time Streaming
Critical Timing Requirements
Real-time data streaming maintains attribution accuracy and enables time-sensitive features like SKAdNetwork conversion value updates.
Attribution Impact:
- Delayed Sessions: Severely impact attribution accuracy—system requires precise temporal data for campaign association
- SKAdNetwork Timer: Strict on-device timer window for conversion values makes real-time streaming critical. Delays cause missed conversion value updates and incomplete campaign data
Best Practices:
- Implement server-side event listeners for app session starts
- Forward session data immediately with all required parameters
- Implement server-side event listeners for in-app events
- Forward event data immediately with all required parameters
- Use webhook architecture for reliable data transmission
- Implement retry mechanisms for failed requests
- Monitor data flow for quality assurance
Phase 3: Response Handling
Bidirectional Communication
Response handling bridges server-side API interactions with client-side functionality, enabling deferred deep linking and conversion value updates.
Key Response Types:
- Deferred Deep Links: API response contains pending deep link data requiring immediate relay to app for user routing and personalization
- Conversion Values: iOS SKAdNetwork conversion values must be promptly forwarded to app for accurate campaign measurement
Best Practices:
- Implement response handling on server infrastructure
- Parse and validate Singular API responses
- Forward relevant response data to client app (essential for iOS SKAdNetwork)
- Implement client-side response processing
- Handle errors gracefully with proper HTTP status codes
- Log failed responses for retry mechanisms
Phase 4: Testing & Validation
Data Flow Verification
Testing phase validates complete data pipeline functionality and attribution accuracy before production deployment.
Session Attribution Processes:
- First Session (New Install): Singular recognizes new install and triggers install attribution process
- Re-engagement Qualified: Singular triggers re-engagement attribution process ( Re-engagement FAQ )
- Standard Session: Singular records session for user activity and retention metrics
Critical Timing Requirements:
- Session Before Events: Single SESSION must be received before any events. SDK triggers session on app open, then sends in-app events. After 1+ minute background, session times out. New session sent when app returns to foreground. Use app lifecycle events and timers for session management
- Real-Time Events: Events occurring in app must be sent real-time after their respective session
Validation Checklist:
- Test session data flow—validate first and subsequent sessions have correct data points and values
- Confirm events received only after session reported to Singular (events before session create organic attribution)
- Confirm session response handled and passed to client app (critical for deferred deep links)
Integration Complete:
- ✓ Data collection and storage validated
- ✓ Real-time streaming to Singular validated
- ✓ Response handling and logging validated
- ✓ All testing data flows validated
Testing guide: S2S Integration Testing Guide
Additional Features
Implement cross-device tracking, revenue tracking, uninstall monitoring, and data privacy compliance for comprehensive analytics.
Cross-Device Tracking
Custom User ID Implementation
Leverage
custom_user_id
parameter to associate users with
device-level sessions for cross-device reporting and user-level analytics.
Privacy Compliance:
Adhere to data privacy policies
by avoiding personally identifiable information (PII) in
custom_user_id
. Use hashed username, email, or randomly
generated string as unique user identifier.
Enables comprehensive cross-device reporting, user-level data exports, and Internal BI postbacks while maintaining user privacy.
More info: Custom User ID Parameter
Revenue Tracking
In-App Purchase Reporting
Track revenue from in-app purchases for ROI analysis, campaign performance measurement, and export/postback enrichment.
Use EVENT endpoint with revenue parameters :
-
is_revenue_event: Marks event as revenue event (skip if event name is__iap__or amount > 0) -
purchase_receipt: Android/iOS In-App Purchase object—highly recommended for transaction details and report enrichment -
receipt_signature(Android): Highly recommended for transaction validation and fraud prevention -
amt: Revenue amount as Double (e.g., "amt=1.99") -
cur: ISO 4217 currency code (e.g., "cur=USD")
Implementation guide: Subscription State Management
Data Privacy Compliance
User Consent Handling
Notify Singular of end-user consent for data sharing to comply with GDPR, CCPA, and other privacy regulations.
Use
data_sharing_options
parameter to communicate user choice:
-
{"limit_data_sharing":false}: User consented (opted-in) to share information -
{"limit_data_sharing":true}: User refused to share information
Singular uses
limit_data_sharing
in
User Privacy Postbacks
and passes information to partners requiring compliance.
Optional but Recommended: Parameter optional, but some attribution information only shared by partners when user explicitly opted-in.
More info: User Privacy and Limit Data Sharing