Encatch
Welcome to Encatch Docs
JavaScript Web SDKInstallation Methods

CDN / Script Tag

Load the Encatch Web SDK from jsDelivr with a script tag — no build step required

The Encatch Web SDK (@encatch/web-sdk) can be loaded from jsDelivr as an IIFE bundle. Add one <script> tag to your HTML and use the global _encatch object — no npm install or bundler required.

This method suits static sites, marketing pages, documentation sites (for example Astro Starlight), and legacy apps where you cannot add npm dependencies.

How the loader works

The jsDelivr file is a loader stub, not the full SDK. When you call _encatch.init(), Encatch injects the remote implementation from https://form.encatch.com/s/sdk/v1/encatch.js (a module script). API calls go to https://api.encatch.com by default. Commands you send before that remote script finishes loading are queued and replayed automatically.


What you need from the Encatch dashboard

Before adding the script tag:

  1. Publishable SDK key — In your Encatch project, go to Settings → Security → Publishable SDK Keys and click Create Publishable SDK Key. Copy the full key when shown — Encatch displays it only once at creation.
  2. Allowed Domains / Packages — On the same key, add your site origin (for example https://app.example.com). Up to 10 entries per key. Avoid * in production.
  3. Form slug or UUID — Open your feedback form in the dashboard, go to Triggers → Manual Trigger, and copy the Form Slug or Feedback Configuration UUID for showForm().

See Publishable SDK Keys and Form Builder for details.


Add the script tag

Pin the CDN version to the @encatch/web-sdk release you intend to use. Add the loader in your HTML <head> or before the closing </body> tag:

<script src="https://cdn.jsdelivr.net/npm/@encatch/web-sdk@1.4.0/dist/encatch.iife.js"></script>

The IIFE build registers _encatch on window (Vite library name _encatch, output file dist/encatch.iife.js).

Version pinning

Always pin a specific version in the URL (for example @1.4.0) rather than @latest, so production sites do not pick up breaking changes unexpectedly. The jsdelivr field in @encatch/web-sdk points to dist/encatch.iife.js.


Initialize the client

After the loader script tag, call init() with your publishable SDK key:

<script src="https://cdn.jsdelivr.net/npm/@encatch/web-sdk@1.4.0/dist/encatch.iife.js"></script>
<script>
  _encatch.init('your-publishable-sdk-key');
  _encatch.startSession();
  _encatch.showForm('your-form-slug-or-uuid');
</script>

Replace 'your-publishable-sdk-key' with the key from Settings → Security → Publishable SDK Keys.

Replace 'your-form-slug-or-uuid' with either:

  • Form Slug — 15–100 characters, lowercase letters, digits, hyphens, and underscores; must start with a letter (configured under Triggers → Manual Trigger in the dashboard), or
  • Feedback Configuration UUID — the read-only UUID on the same Manual Trigger screen

Only the first init() call runs — Encatch logs [Encatch] SDK already initialized. Ignoring init call. if init() is called again. After a successful identifyUser(), Encatch starts a session automatically; you do not need startSession() before identify.

You may call _encatch methods immediately after the loader script; calls made before the remote script from form.encatch.com loads stay in the internal queue until the implementation is ready.

Optional configuration

Pass a config object as the second argument to init():

<script>
  _encatch.init('your-publishable-sdk-key', {
    theme: 'system',
    debugMode: false,
    onBeforeShowForm: async (payload) => {
      // Return false to skip the built-in modal iframe
      return true;
    },
  });
</script>
OptionDefaultDescription
webHosthttps://form.encatch.comHost that serves /s/sdk/v1/encatch.js and form iframes
apiBaseUrlhttps://api.encatch.comBase URL for Encatch API requests
theme'system'Form theme: 'light', 'dark', or 'system'
debugModefalseLog SDK diagnostic messages to the console
onBeforeShowFormReturn false to block the built-in iframe and use a custom UI

Override webHost or apiBaseUrl only for non-production Encatch environments (for example dev or UAT). See Initialization in the client reference.


Identify users

Encatch uses identified users for in-app targeting, segments, and response attribution. Call identifyUser after init():

<script>
  _encatch.identifyUser('user@example.com', {
    $set: { name: 'Alice', plan: 'team' },
  });
</script>

userName must be an ASCII identifier (1–50 characters: letters, digits, ., _, @, -). Email addresses and internal user IDs work when they match this format.

For $set, $setOnce, $increment, secure HMAC signatures (optional Secret key on the publishable SDK key), and full username rules, see Identify users.


Content Security Policy

If your site sends CSP headers, allow both the jsDelivr loader and Encatch hosts. After init(), Encatch loads a module script from form.encatch.com and opens form iframes on the same host:

Content-Security-Policy:
  script-src 'self' https://form.encatch.com https://cdn.jsdelivr.net;
  connect-src 'self' https://api.encatch.com;
  frame-src 'self' https://form.encatch.com;

If you set custom webHost or apiBaseUrl in init(), whitelist those hosts in script-src / frame-src and connect-src respectively.

See the full Content Security Policy section in the client reference.


Next steps

Once installation and initialization are working, explore the full client API in the Client Reference — automatic triggers, form events, pre-fill (addToResponse), source tracking, and session control.

Was this page helpful?