DecisaBlog
Back to blog
Platforms6 min read

Meta Conversions API for E-commerce: Pixel + Server Done Right

The browser pixel misses sales it can't see. What Meta CAPI is, why pixel + server with event_id dedup wins, and how to raise Event Match Quality.

By Decisa Team ·

Compare the purchases your Meta pixel reported last month with the orders in your store's admin. They will not match. Ad blockers kill the script before it loads, iOS and Safari throttle its cookies, consent banners suppress it, and some buyers close the tab before the thank-you page fires. Every one of those missing purchases is a sale Meta's algorithm never learned from — and an order your campaigns get no credit for.

The Conversions API exists to close exactly that gap. This guide covers what CAPI actually is, why the recommended setup is redundancy rather than replacement, how event_id deduplication keeps your numbers honest, and which user-data fields raise Event Match Quality enough to matter.

What the Conversions API Actually Is

The browser pixel is a piece of JavaScript running inside your visitor's browser. It observes what happens on the page and reports it to Meta — as long as nothing stops it.

The Conversions API is the same event stream sent from your server instead. When an order lands in your backend — confirmed, paid, real — your system makes an HTTPS call to Meta's endpoint with the event. There is no script to block, no third-party cookie to expire, no dependency on the buyer's browser surviving the checkout flow. If the order exists in your database, the event ships.

Two things CAPI is not:

  • A different event taxonomy. Server events use the same names the pixel does — Purchase, AddToCart, InitiateCheckout — so your campaigns and custom conversions keep working unchanged.
  • A pixel replacement. Sending only server events throws away browser context the server never sees. The recommended pattern is both, together.

Why Redundant Setup Beats Replacement

Pixel and server each have blind spots, and conveniently they are different blind spots:

Browser pixelConversions API
Runs inThe visitor's browserYour server
Blocked by ad blockersYesNo
Affected by Safari/iOS cookie limitsYesNo
Sees fbp/fbc browser cookies nativelyYesOnly if you capture and pass them
Knows the amount actually chargedNo — reports cart valueYes — reads the real order
Can report refunds laterNoYes
Fires for upper-funnel events (ViewContent)Cheaply, everywhereOnly with extra plumbing

Run both and each covers the other's gaps. Illustrative math (not a benchmark): if your store takes 1,000 orders a month and the pixel only manages to fire on 850 of them, a pixel-only setup leaves 150 purchases invisible to Meta's optimization and attribution. A redundant setup delivers all 1,000 — and deduplication makes sure Meta counts 1,000, not 1,850.

That second half is the part teams get wrong.

One Sale, One Event: event_id Deduplication

With redundancy, Meta receives most purchases twice — once from the pixel, once from your server. The deduplication contract is simple: both copies must carry the same event_name and the same event_id. When Meta sees the pair, it keeps one and discards the other (deduplication docs).

The natural choice for event_id is your order ID — it is unique, stable, and both sides can know it at fire time.

What goes wrong in practice:

  • Each side generates its own random ID. Meta sees two distinct events, counts the sale twice, and your reported ROAS inflates by exactly the share of orders where both fire.
  • One side omits event_id entirely. Same outcome: no key, no dedup.
  • The IDs match but the event names don't (Purchase vs. purchase from a hand-rolled integration). The pair never joins.

If you turned on CAPI and conversions "jumped" the same week, check deduplication before celebrating. The jump is usually double counting wearing a success costume.

Event Match Quality: The Score That Decides Whether Your Data Counts

A server event is only useful if Meta can match it to a person. Event Match Quality (EMQ) is the 1-to-10 score in Events Manager that grades exactly that, per event type (about EMQ). Low EMQ means events arrive but match nobody — they exist, and they change nothing.

The user_data fields that raise it:

  • Email (SHA-256 hashed) — the workhorse identifier. Your checkout has it on every order; send it on every purchase event.
  • Phone (SHA-256 hashed) — strong on its own, stronger combined with email.
  • Client IP address + user agent — browser context the server must forward explicitly, since the request to Meta comes from your datacenter, not the buyer's device.
  • fbp cookie — Meta's browser identifier, set by the pixel on your domain.
  • fbc cookie — present when the visit came from a clicked Meta ad; it carries the click ID and is the most direct line back to the campaign.
  • external_id — your own customer ID, useful for repeat buyers.

The pixel sends fbp and fbc automatically. Your server does not have them unless something captured them at click time and stored them with the session, so they can be replayed when the order arrives minutes or days later. This plumbing is the single most common gap in homegrown CAPI integrations — and it is precisely what a first-party tracking layer is for. Decisa's pipeline, for instance, records fbc, fbp, and click IDs the moment the visitor lands, then attaches them to the verified order before pushing the event server-side, so the purchase arrives with the full identity payload instead of a bare email.

Getting Verified Purchases Flowing This Week

  1. Keep the pixel. Redundancy is the pattern; nothing gets ripped out.
  2. Pick your server-side source. Native platform integration (Shopify and the major checkouts ship one), a server-side tag manager, a direct API integration, or an attribution platform that pushes for you. Direct integrations give you the most control over user_data.
  3. Set event_id = order ID on both sides. Pixel purchase event and server purchase event must carry the identical value.
  4. Send the richest user_data you lawfully can. Hashed email and phone from the order, IP and user agent from the original session, fbp/fbc captured at click time.
  5. Verify in Events Manager before trusting anything. Use the Test Events tool, confirm server events arrive, confirm duplicates are being deduplicated, and watch the EMQ score on your Purchase event.
  6. Send the truth, not the cart. Report the amount actually charged, fire only on confirmed payment, and handle refunds — an algorithm trained on canceled orders optimizes for canceled orders.

The pixel tells Meta what happened in the browser. CAPI tells Meta what happened in your business. E-commerce accounts need both — wired to the same event_id, carrying enough identity to match — because the campaigns can only optimize toward the sales they are allowed to see.