Let’s get started
Take your business to next level
Become part of our growing family of +600,000 users and get the tools you need to make smart choices for your website. Simple, powerful insights are just a click away.
WP Statistics is built on the principle that site analytics should be both powerful and privacy‑friendly. The Marketing add‑on brings those same values to its integration with Google Search Console (GSC). This document explains what the integration does, which permissions are requested, what data travels where, and how we protect your visitors’ and your own privacy every step of the way.
Connecting GSC enables you to view valuable search‑performance metrics (impressions, clicks, average position, etc.) directly inside WP Statistics. This keeps your SEO insights in the same privacy‑centric dashboard you already use–no need to log in to multiple services or share access with third‑party analytics platforms.
When you press “Connect Google Account” in the WP Statistics settings, you are sent through Google’s standard OAuth 2.0 consent flow. You will see a screen titled “WP Statistics wants access to your Google account.”
We request the following read‑only OAuth scopes:
| Google OAuth Scope | Why we need it |
|---|---|
openid | Required so Google can issue an ID token that verifies the sign‑in. |
https://www.googleapis.com/auth/userinfo.email | Lets WP Statistics show which Google account is connected by reading the email address. |
https://www.googleapis.com/auth/userinfo.profile | Lets WP Statistics display your Google display name and avatar in the admin UI. |
https://www.googleapis.com/auth/webmasters.readonly (shown as “View Search Console data for your verified sites”) | Allows WP Statistics to fetch — but never modify — your Search Console performance data. |
⚠️ WP Statistics cannot create, delete, or modify any properties in your Search Console account.
To orchestrate secure, token‑based requests to Google’s APIs, the Marketing add‑on communicates with a lightweight middleware service we maintain. The only persistent record we keep is:
| Field | What It Is | Why We Need It | Where It Lives |
|---|---|---|---|
| Domain Hash | A non‑reversible SHA‑256 hash of your site’s domain, truncated to the first 40 characters. | Used as an anonymous identifier so we can recognise that subsequent token refresh requests belong to the same site–even if you disconnect and reconnect. | Our middleware database (encrypted at rest). |
We do not store any other information from your website, Google account, or Search Console in our infrastructure.
https://example.com) and computes its SHA‑256 hash.The OAuth tokens that Google provides are kept only in your own database (using WordPress’s Options API with autoload disabled so they are not loaded on every page‑view). These include:
| Token | Lifespan | Purpose |
|---|---|---|
| Access Token | ~1 hour | Temporarily authorises calls to Google’s Search Console API on your behalf. |
| Refresh Token | Until revoked | Lets WP Statistics request a new access token without requiring you to log in again. |
| Expires In | Value in seconds | Informs WP Statistics when to use the refresh token. |
Tokens are never written to disk on our middleware and are transmitted over TLS 1.2+ only.
Because your domain name is hashed, WP Statistics can:
This upcoming feature lets you supply a custom GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET in Settings → Marketing → Google Search Console.
https://www.googleapis.com/auth/webmasters.readonly.Because nothing leaves your infrastructure, this mode provides the highest level of isolation for organisations with strict compliance needs.
Q : Does WP Statistics store my search queries or performance data?
A: No. Search‑Console metrics are fetched on demand, cached in your WordPress database (if enabled), and never transmitted to our servers.
Q : Can I limit access to a single property instead of all verified sites?
A: Google’s OAuth scope is account‑wide. To limit scope, create a Google account dedicated to the specific property and verify only that site.
Become part of our growing family of +600,000 users and get the tools you need to make smart choices for your website. Simple, powerful insights are just a click away.