OneTrust Compliance Checker Verify Your Setup Is Working
OneTrust is one of the most trusted consent management platforms available. But your site has dozens of third-party scripts, tag manager rules, and plugins that can drop cookies outside OneTrust's blocking layer - silently, with no warning from OneTrust itself.
We work alongside OneTrust - not against it
OneTrust manages your consent configuration. We independently verify that configuration produces the right outcome in a real browser - catching issues that OneTrust cannot see from inside the page.
What we verify that OneTrust alone cannot confirm
OneTrust controls what it controls. These six checks require independent observation from outside the page.
| Check | Why OneTrust alone cannot confirm it |
|---|---|
| Pre-consent cookies | OneTrust auto-blocking controls its categorized scripts - but uncategorized third-party scripts, tag manager rules, and CDN-hosted libraries can fire outside its blocking layer. |
| Google Consent Mode v2 signals | OneTrust generates Consent Mode signals, but signal timing and the presence of all 4 v2 signals (ad_user_data, ad_personalization) must be verified from outside the page. |
| Reject All enforcement | A site update, GTM deployment, or new plugin can add scripts that bypass OneTrust's blocking rules without triggering any alerts. |
| GPC signal handling | Global Privacy Control requires a browser-level test. OneTrust can be configured to honor GPC - but configuration does not confirm it works in a real browser session. |
| Dark pattern checks | OneTrust provides the banner framework and the configuration options. The choices made during implementation - button prominence, pre-ticked boxes - are outside OneTrust's control. |
| Multi-region behavior (up to 15 regions) | OneTrust shows one configuration dashboard. We test from actual EU, California, UK, and other jurisdiction IPs to verify geo-targeted rules work as configured. |
How we detect OneTrust on your site
Four independent fingerprint signals confirm OneTrust is present and active.
JavaScript globals
OneTrust, OnetrustActiveGroups, OneTrustStub
DOM elements
#onetrust-consent-sdk, #onetrust-banner-sdk, .optanon-alert-box-wrapper
Consent cookies
OptanonConsent, OptanonAlertBoxClosed
Script domains
cdn.cookielaw.org, optanon.blob.core.windows.net
See the full list of 40+ detected CMPs: Supported CMPs
Verify your OneTrust configuration works end-to-end
Cookie Compliance Checker is launching soon. Join the waitlist for early access and be among the first to scan your site.