sameAs profile match - MetricSpot docs

What this check does

Parses the sameAs array from your Organization (or Person, LocalBusiness) JSON-LD and, for each URL:

Issues a HEAD then GET and confirms a 2xx response (following one redirect).
Scans the destination HTML for your brand name (the name or alternateName from the same JSON-LD).

The check fails if any URL 404s, redirects to an unrelated domain, or resolves to a page whose visible content doesn’t mention the brand. This is a separate check from sameAs social profiles, which only verifies that the array exists.

Why it matters

The whole point of sameAs is to tell Google “these URLs all refer to the same real-world entity as this website.” When one of those URLs is broken, the entity merge fails — Google can’t confidently connect “Acme Inc on LinkedIn” to your site if the LinkedIn URL returns a 404, and it can’t connect “Acme Industries Ltd” to your “Acme Inc” page if the LinkedIn slug has been renamed and now belongs to a different company.

The cost of a broken sameAs is silent. Your structured data still validates. Rich Results Test still shows green. But the Knowledge Graph quietly refuses to attribute the profile to you — and Knowledge Panels, brand carousels, and AI-agent citation provenance all lean on that attribution.

The most common breakages, in roughly decreasing order of frequency:

Twitter → X URL migration. Profiles still resolve at twitter.com (Twitter redirects), but some sameAs arrays point at sub-paths that broke. Always use https://x.com/handle.
LinkedIn /company/ slug renames. When a company rebrands, the old slug 404s. The /company/ numeric ID redirect is more stable but ugly.
Defunct profiles left in the array. Google+ entries from 2018. Vine. Periscope. Audit-and-prune.
Vanity-domain redirects that drop the path. acme.co/twitter → https://x.com/ (no handle). Always link the canonical profile URL directly.
Capitalisation drift. Some platforms 404 on incorrect capitalisation in the slug. Test what you paste.

How to fix it

1. Audit the array — curl loop:

curl -s https://yourdomain.com/ \
  | grep -oE '"sameAs":\s*\[[^]]+\]' \
  | grep -oE 'https?://[^"]+' \
  | while read url; do
      code=$(curl -s -o /dev/null -w '%{http_code}' -L -A 'Mozilla/5.0' "$url")
      echo "$code  $url"
    done

Anything that returns 4xx or 5xx is dead. Anything that 3xx-redirects to a different hostname is suspect — open it in a browser and confirm the destination still represents your brand.

2. Audit the array — browser script. Paste into DevTools console on your home page:

const ld = [...document.querySelectorAll('script[type="application/ld+json"]')]
  .map(s => { try { return JSON.parse(s.textContent); } catch { return null; } })
  .filter(Boolean)
  .flatMap(o => Array.isArray(o) ? o : [o]);

const sameAs = ld.flatMap(o => o.sameAs || []);
console.table(sameAs);

await Promise.all(sameAs.map(async url => {
  try {
    const r = await fetch(url, { mode: 'no-cors' });
    console.log(r.type === 'opaque' ? 'opaque' : r.status, url);
  } catch (e) {
    console.error('FAIL', url, e.message);
  }
}));

CORS will make many responses opaque, but network failures (DNS, 5xx) still surface as errors. For a clean status code, run the curl loop above instead.

3. Schema.org validator. Paste your URL into validator.schema.org — it surfaces JSON-LD parse errors and shows the resolved sameAs array. Useful when your CMS is mangling the JSON.

4. Keep a stable canonical handle per platform. Pick one URL per profile and use it everywhere — in sameAs, in your footer, in your email signature, in press releases. The canonical forms that age well:

LinkedIn: https://www.linkedin.com/company/<slug> (not /in/, not the numeric ID, not a localised /de.linkedin.com redirect).
X / Twitter: https://x.com/<handle> (the twitter.com form still redirects, but x.com is canonical now).
YouTube: https://www.youtube.com/@<handle> (the modern handle form, not /channel/UCxxxx and not /user/xxxx).
GitHub: https://github.com/<org> (no trailing slash).
Wikipedia: the English en.wikipedia.org URL even if you have language variants — language-specific URLs are not the canonical entity.
Mastodon: https://<instance>/@<handle> (the federated URL, not a hashed ID).

5. After fixing, validate twice. Run the Schema Markup Validator for syntax, then Google Rich Results Test to confirm Google can fetch and parse the JSON-LD. The Rich Results Test runs from Google’s IP — if a sameAs target blocks Googlebot’s user agent or country, it will fail there even if your curl succeeded.

Frequently asked questions

How often should I audit my sameAs array?

Twice a year is enough for most sites. Platforms rename slugs (LinkedIn especially) and profiles get abandoned. Add the curl loop above to your release checklist or a scheduled monitoring job — it’s a 30-second check.

My LinkedIn URL redirects to a “company not found” page but returns 200. Does the check pass?

It depends. The check does the brand-name match step exactly to catch this case — LinkedIn returns 200 with a generic “this page doesn’t exist” body, so the brand-name scan fails and the rule fires. Update the URL to the current /company/<slug> or remove it.

Avoid them. If Googlebot can’t fetch the page anonymously, it can’t confirm the entity. Most major social platforms render a public profile shell without auth — if yours doesn’t, that profile isn’t useful as a sameAs target.