Marketo Forms Patterns: The “Not You?” session regen link

Marketo's Known Visitor HTML feature (KV HTML in my shorthand) is a great way to streamline a lead's experience if they've already filled out a form.

KV HTML has quirks and guidelines that deserve another post, but in brief:

  • Use it to hide the usual form entirely if you already know who someone is, essentially letting somebody “jump the gate” to your content.
  • A Filled Out Form activity is still logged — a good thing for reporting!
  • KV HTML is not the same as Progressive Profiling (similar, but in fact mutually exclusive w/ProgPro).

Another cool thing KV HTML supports is a session regeneration link. This is the special {{form.NotYou}} token.


When clicked, this link cleanly breaks the connection to a previously associated lead and resets the form, while leaving previously logged activities as-is.

But with KV HTML disabled (If Known Visitor, Show = Form), there's no such token available. Which is pretty weird when you consider that you may be showing the lead some prefilled fields, so they could just as easily say “Not me!” in that case as well.

Why regenerate?

Regen'ing the session is necessary when, for a few examples:

  • one lead has taken over another lead's workstation
  • multiple users share a laptop
  • people visit your forms from a public kiosk

In these cases, it would be wrong to reassign the current session to a new lead (this is the result when a lead simply changes the form fields to his/her own info). What you instead want is to start a fresh session for the new (or merged) lead.

Session regen also solves the problems that come from one lead clicking a forwarded, mkt-tok-enized link that was originally sent to someone else. In some such cases, a form field reset + session reassign would be better. But it would be confusing to give people two different links (e.g. "This is not my info, and I don't know what else has happened" and "This is not my info, but only I have browsed your site from this machine") so in practice you can only include the one link and hope for the best. You don't want to bring up too literally that you've been tracking people, anyway.

What session regen entails

Our regen function will do exactly what the Not You? does in KV HTML:

  1. Remove all Munchkin tracking cookies (from the current domain and its parents)
  2. Remove the mkt_tok query param that gets appended to tracked links in emails (that's an instant Munchkin session associator that you need to reverse)
  3. Remove the aliId query param that caches previous form data (this one can cause some mind-bending confusion)
  4. Reload the page, now without any lead info

Get the code

First, make sure you have a copy of the FormsPlus::Core library v1.0.4 or later. Download the latest as of this writing, v1.0.5, to your own server from here and rename it appropriately.

Then include FormsPlus::Core in a remote <script>:


Followed by a local <script> with this easy-to-understand notYou function:

function notYou() {
   var redirectURI;

   FormsPlus.util.DNS.climbDomains([], function(domain) {
      FormsPlus.util.Cookies.remove(FormsPlus.strings.MARKETO_TRACKING_COOKIE, {
         domain: domain,
         path: "/"

   redirectURI = new FormsPlus.util.URI.URI();

   document.location.href = redirectURI;

The run notYou() on a button or link click.

Soon, I'll add notYou to FormsPlus::Util directly (as FormsPlus.util.Session.notYou, I think) but for now it's standalone.