ConsentGuard now validates Microsoft UET (Bing Ads) consent setups

3 min read
Mihai Brehar
microsoft uet bing ads consent mode product updates asc parameter

ConsentGuard is expanding beyond Google.

This week we rolled out beta support for Microsoft UET, the tracking pixel that powers Microsoft Ads (formerly Bing Ads). If you're spending on Microsoft Ads, you can now run the same kind of consent check on your UET implementation that you've been running on Google Consent Mode.

A quick refresher on Microsoft UET

Microsoft UET (Universal Event Tracking) is to Microsoft Ads what gtag is to Google Ads. It loads on your site, watches for conversions, and reports them back so the platform can attribute and optimise.

Like Google, Microsoft has its own Consent Mode. But where Google uses the gcs and gcd parameters, Microsoft uses a single parameter called asc:

  • asc=G: consent Granted (advertising cookies allowed)
  • asc=D: consent Denied (advertising cookies blocked)

One important quirk: Microsoft defaults to granted unless you explicitly set it to denied. That's the opposite of how a lot of people assume consent should default, and it's an easy way to leak data before the user has interacted with your banner.

What ConsentGuard checks

We validate the same three phases we check for Google Consent Mode:

  1. Initial (before the user interacts with the banner): asc should be D or absent. UET tracking cookies should not be set.
  2. Reject (after the user rejects cookies): same as initial. asc=D or absent, no UET cookies.
  3. Accept (after the user accepts cookies): asc=G. Cookies are now allowed.

We also distinguish between the UET requests that do need consent (event tracking, conversions) and the ones that don't (the bat.js script load, tag config). A library loading itself is not tracking you. Only requests that actually carry tracking data should be gated by consent.

If something is off in any of those phases, you'll see a violation like INVALID_ASC_INITIAL, INVALID_ASC_REJECT, INVALID_ASC_ACCEPT, or FORBIDDEN_COOKIES_* in your report.

Help us make it bulletproof

This is beta. The validation logic works against the setups we've tested, but Microsoft Ads implementations vary a lot in the wild: different CMPs, different tag managers, hand-rolled gtag-style integrations, etc.

If you're running Microsoft / Bing Ads, please take 2 minutes to scan your site:

👉 Run a free check

Then have a look at the report. If anything doesn't match what you know about your setup (a false positive, a missing detection, an unclear message), please let us know. Your feedback is what makes the next round of fixes possible.

What's next

Microsoft UET is the first of several non-Google integrations on our roadmap. The pattern (consent parameter, forbidden cookies, phase-by-phase validation) is now in place, and we'll be rolling it out to more vendors over the coming months.

— Mihai Cofounder, ConsentGuard.io

Published on January 20, 2026 by Mihai Brehar
Share:
Back to Insights