This article applies only if you use Google Tag Gateway (GTG) on your website.
What is Google Tag Gateway and what is its impact on consent?
Google Tag Gateway (GTG) is a mechanism offered by Google that allows Google tags (gtag.js, gtm.js) to be served from your own domain instead of from googletagmanager.com. In concrete terms, GTG transforms third-party scripts into first-party scripts.
Activation is done with a single click from the Google Tag Manager interface: Google then injects a CDN configuration that modifies the source of the script loaded on the site.
Once GTG is activated, a tag that was previously loaded from
https://www.googletagmanager.com/gtm.js?id=GTM-XXXXXX is now loaded from https://your-domain.com/gtm.js?id=GTM-XXXXXX
What is GTG for?
GTG offers a lightweight alternative to server-side tracking for sites that want to:
Bypass ad blockers that block requests to
googletagmanager.com.Improve performance by reducing third-party DNS requests.
Strengthen tracking resilience against browser restrictions (ITP, ETP).
Unlike server-side tagging (which requires a dedicated GTM server), GTG is activated with a single click from the GTM interface.
Impact on consent: the risk of late consent
For Axeptio to work correctly, two signals must be sent before Google tags execute:
the Consent Mode
defaultcommand (gtag('consent', 'default', {...}))the TCF stub (
window.__tcfapi), for sites subject to the IAB TCF v2.2 framework
If this is not the case — that is, if the default command and/or the TCF stub load after Google tags have already started — this is referred to as late consent.
When consent is late, the first events sent by Google tags may be sent without the user's chosen consent state being taken into account, which violates Consent Mode implementation requirements.
This problem can occur independently of GTG, particularly in the following situations:
Axeptio integration via manual script, if Axeptio is not positioned before GTM in the HTML
use of the Axeptio GTM tag template without the "Consent Initialization - All Pages" trigger
integration via CMS plugin, depending on how it injects the script
If you have followed our integration recommendations — both on the Axeptio integration method and on Consent Mode v2 configuration — the default command is sent before Google tags: GTG then has no impact on your configuration.GTG can amplify this existing problem: by serving gtm.js from your own domain, the script potentially loads faster (no external DNS resolution), which reduces tolerance for loading order issues. GTG thus acts as a revealer: it makes visible a problem that could have gone unnoticed until now.
What GTG does not do
GTG does not bypass the user's consent choices. Consent Mode continues to adapt tag behavior based on the consent reported by Axeptio.
GTG does not collect any additional data compared to
gtag.js/gtm.js. GTG only modifies the way the script is loaded, not what it does once loaded.
How to verify if you are using GTG
Important: GTG activation verification must be performed manually by you. Axeptio detects the symptoms (late consent) but it is up to you to correlate it with GTG using the steps below.
For formal verification steps, consult the Google Tag Manager help center: https://support.google.com/tagmanager
In addition, here are three practical checks you can perform in a few minutes.
In the page source code
Open the relevant page in a browser.
Display the source code (right-click → View page source or
Ctrl+U/Cmd+Option+U).Search for the
<script>tag that loadsgtm.jsorgtag/js.
Tag served via GTG:https://your-domain.com/gtm.js?id=GTM-XXXXXXTag NOT served via GTG:https://www.googletagmanager.com/gtm.js?id=GTM-XXXXXX
The verification criterion is the source domain of the script: it must be your own (e.g. https://example.com/gtm.js) and not https://www.googletagmanager.com/gtm.js.
The script name may have been customized. GTG allows you to change the name of the container file (default gtm.js). If this name has been changed, searching the source code will return nothing. In that case, use the Network + Initiator method described below.
In the Network tab of the browser
Open the browser's developer tools (
F12orCmd+Option+I).Go to the Network tab.
Filter on
gtm.jsorgtag.Reload the page.
Inspect the Domain / Initiator column of each request.
If you see your-domain.com/gtm.js?id=… → ✅ Tag served via GTG
If you see www.googletagmanager.com/gtm.js?id=… → ❌ Tag not served via GTG
Special case: custom container name
GTG allows you to change the name of the container file (default gtm.js). If you have customized this name — or if you do not know if it has been modified — searching for gtm.js in the Network tab will return no results. Here is how to proceed in that case:
Note: Axeptio cannot automatically detect if GTG is activated — there is no public API for this. This verification is therefore always manual.
Step 1 — Verify the original URL of the tag
If the tag is served from a URL starting with https://www.googletagmanager.com/, GTG is not activated. You can stop here.
If the loading URL is different (own domain or unknown), proceed to the next step.
Step 2 — Identify the network request of the tag in question
Navigate to the site and open the developer tools (
F12orCmd+Option+I).Go to the Network tab.
Identify an HTTP request sent by the tag in question. For Google Analytics (GA4), for example, filter on the word
collect— GA4 data collection requests contain this term.
⚠️ This step is the most delicate. The request may be partially obfuscated depending on the tag configuration. If you can't find it, search for requests to Google Analytics or Google Ads domains (analytics.google.com, google-analytics.com, doubleclick.net).
Step 3 — Trace back to the initiating URL
Click on the request identified in step 2.
Open the Initiator tab.
The call stack displays the chain of calls that triggered this request. Go back to the source script: this is the one that corresponds to the tag loaded via GTG (or not).
If this source script is served from your own domain (and not from googletagmanager.com), GTG is activated for this tag.
In the Google Tag Manager interface
From the GTM home page, click the Google tags tab.
Click on the Google tag in question.
In the left menu, go to Admin → Google tag gateway.
A panel opens with a Domains table. Look at the Status column: - First-party → GTG is active for this domain - Not started → GTG is not yet configured for this domain
If your domain does not appear in this table at all, GTG is not activated.
What to do with this result?
If none of your Google tags are served via GTG: no GTG action needed. Continue to use Axeptio as you do today.
If some of your Google tags are served via GTG and you see a late consent warning: proceed to the section below.
If you use GTG
Axeptio helps you detect late consent issues
Shake — Google Consent Mode Check automatically performs a scan of your site once per month to detect late consent issues. Available for all Axeptio customers.
Results are visible directly from your back office, in the Google Consent Mode Check section.
A PDF report is sent automatically after each scan.
It is not possible to manually restart a scan before the next 30-day deadline.
Shake does not detect GTG directly (no public API allows it), but it identifies problematic symptoms (late consent, missing signals) and guides you on the actions to take.
What to do if Axeptio detects late consent and GTG is activated?
Late consent issues related to GTG are caused by a tag loading order that is beyond Axeptio's control. These issues must be resolved in your tag configuration or deployment strategy — Axeptio cannot fix them alone.
💡 If you have followed Axeptio integration recommendations and you do not observe late consent — no action is required, your configuration is compliant.
If you use GTG and your configuration has a late consent problem, three resolution options are possible, in order of decreasing recommendation.
(Recommended) Option A — Adopt advanced consent mode
Switch to advanced consent mode: Google tags trigger immediately by sending cookieless pings (limited measurement). Once consent is obtained, full measurement resumes; if refused, only cookieless pings are retained.
⚠️ Eligibility for behavioral modeling: your GA4 property must reach a minimum threshold of 1,000 consenting visitors per day (on at least 7 of the last 28 days). Below this threshold, modeling will not activate. → Learn more
Enable Data Transmission Controls in your Google tag settings as needed — Google documentation
Global Consent Defaults are managed automatically by Axeptio.
Why this option is recommended:
It is the mechanism explicitly recommended by Google for GTG deployments.
Basic mode is more fragile in this context: it relies on strict control of loading order. If not, GTG can highlight this existing issue.
Points to watch:
Verify that your Google tags support advanced mode.
Behavioral modeling requires a minimum of 1,000 consenting visitors/day.
Data Transmission Controls must be configured according to your needs.
📖 For detailed configuration of advanced Consent Mode with Axeptio, see our dedicated support article: Configure Google Consent Mode v2
Option B — Migrate all tags into a GTM container then deploy GTM via GTG
This option is for you if you do not use GTM — manual script or Axeptio CMS plugin (WordPress, Drupal, Shopify, etc.).
Centralize all marketing/analytics tags in a single Google Tag Manager container.
Enable GTG at the GTM container level, not at the individual tag level.
The GTM container is thus served from your domain, and GTM orchestrates the loading order of the tags it contains.
Points to watch:
Requires setting up GTM. Axeptio must be configured with the "Consent Initialization - All Pages" trigger.
Axeptio must be configured with the "Consent Initialization - All Pages" trigger to guarantee loading order.
Option C — Manual GTG configuration
What it consists of:
Set up GTG "manually": host the redirect to the Google CDN on your own server / CDN and explicitly control the order of script imports in the HTML.
Ensure that the Axeptio tag is loaded and executed before the GTG tag.
Points to watch:
Requires server-side / CDN technical skills.
Loading order is entirely your responsibility — a configuration error can reintroduce the problem.
See the Google documentation for manual configuration.
Quick decision matrix
Situation | Recommended option |
You want the most robust and easiest to maintain solution | Option A — Advanced mode |
You do not use GTM (manual script or Axeptio CMS plugin) and want to regain control of loading order | Option B — Migrate to GTM via GTG |
You have a technical team and want full control without changing consent mode | Option C — Manual GTG |
You do not know where to start | Option A — Advanced mode (recommended by Google and Axeptio) |
Consent in regions where the banner is not displayed
This section applies to you if you have configured Axeptio to restrict banner display to certain regions (for example, only the EEA, via a geographic exclusion zone) and you are following Option A (advanced consent mode).
What happens when a visitor arrives from an excluded region
When Axeptio is configured with a geographic exclusion zone, visitors from outside that zone do not see a banner. In that case, Axeptio automatically sends a consent update: granted signal for all four consent types (ad_storage, analytics_storage, ad_user_data, ad_personalization) when the page loads, without waiting for interaction.
This behavior ensures measurement continuity: Google tags need a consent signal even in regions where no banner is displayed. Axeptio handles this automatically — no additional configuration is needed on your part.
Prerequisite: this automatic behavior requires that the Consent Mode v2 screen be enabled in your Axeptio banner. Without this screen, Axeptio cannot send any consent signal, even granted. → Configure Google Consent Mode v2
Important: Axeptio must be loaded on all pages, including in excluded regions
For the granted signal to be sent, Axeptio must be loaded on the page even in regions where the banner is hidden. If your implementation conditions the loading of Axeptio on the visitor's region (for example by removing the script tag for visitors outside the EEA), no consent signal will be sent and Google tags will function without a consent state — which is not compliant.
The correct schema is as follows: load Axeptio on all pages, configure the exclusion zone in Axeptio settings, and let Axeptio hide the banner while sending the consent signal.
Relationship with Data Transmission Controls and Global Consent Defaults
Data Transmission Controls (DTC) and Global Consent Defaults (GCD) are parameters configured directly in Google Ads, Google Analytics, or Google Tag Manager. They control the behavior of Google tags while awaiting or after receiving a consent signal — but they do not themselves produce a consent signal. It is always Axeptio that sends it.
Concretely:
DTC and GCD work correctly only if Axeptio is loaded and sends signals on all pages.
If you have set global GCD to
deniedfor all regions as a security measure, thegrantedsignal sent by Axeptio for regions without a banner will properly override this default — this is the correct and expected behavior.
Appendix — References and documentation
Axeptio documentation
Google documentation
The Google pages above are authoritative sources. In case of discrepancy, Google pages are authoritative.