> ## Documentation Index
> Fetch the complete documentation index at: https://docs.vouchmark.com/llms.txt
> Use this file to discover all available pages before exploring further.

# HTML / JavaScript

> Integrate the Vouchmark widget with a single script tag — no build tools required.

The HTML SDK is a lightweight script that exposes a global `Vouchmark` object. Use it when you don't have a framework or want the simplest possible integration.

## Installation

Add the script to your page's `<head>` or before the closing `</body>`:

```html theme={null}
<script src="https://js.vouchmark.com/v1/vouchmark.js" async></script>
```

The script is \~12 KB gzipped and loads asynchronously so it won't block rendering.

## Quick start

```html theme={null}
<button id="start-kyb">Verify your business</button>

<script>
  document.getElementById("start-kyb").addEventListener("click", function () {
    Vouchmark.open({
      widgetId: "wgt_your_widget_id",
      publicKey: "live_pk_your_public_key",
      environment: "live",
      applicant: {
        email: "applicant@example.com",
        businessName: "Acme Ltd",
        registrationNumber: "RC123456",
      },
      onSuccess: function (applicant) {
        console.log("Approved:", applicant.id, applicant.riskScore);
      },
      onAbandon: function () {
        console.log("Applicant closed the widget");
      },
      onError: function (error) {
        console.error("Widget error:", error.code, error.message);
      },
    });
  });
</script>
```

## Configuration options

| Parameter         | Type                  | Required | Description                                                                                                                         |
| ----------------- | --------------------- | -------- | ----------------------------------------------------------------------------------------------------------------------------------- |
| `widgetId`        | `string`              | Yes      | The widget ID from your dashboard. Must match the widget's environment.                                                             |
| `publicKey`       | `string`              | Yes      | Publishable key: `test_pk_…` (sandbox) or `live_pk_…` (live).                                                                       |
| `environment`     | `"sandbox" \| "live"` | Yes      | `"sandbox"` with `test_pk_…`, `"live"` with `live_pk_…`. Must match the widget ID. See [Environments](/sdks/overview#environments). |
| `applicant`       | `object`              | No       | Pre-fill applicant details (email, businessName, registrationNumber, phone, tin, jurisdiction, industry).                           |
| `referenceId`     | `string`              | No       | Your internal reference to link this session to your system.                                                                        |
| `sessionToken`    | `string`              | No       | Server-generated signed token (required when `requireSignedRequests` is enabled).                                                   |
| `locale`          | `string`              | No       | UI language. Default `"en"`.                                                                                                        |
| `onSuccess`       | `function`            | No       | Called when the applicant is approved. Receives the applicant object.                                                               |
| `onAbandon`       | `function`            | No       | Called when the user closes the widget without completing.                                                                          |
| `onError`         | `function`            | No       | Called on unrecoverable errors. Receives `{ code, message }`.                                                                       |
| `onStepCompleted` | `function`            | No       | Called after each module completes. Receives `{ moduleId, status }`.                                                                |
| `onReady`         | `function`            | No       | Called when the widget iframe has loaded and is ready.                                                                              |

## Methods

### `Vouchmark.open(config)`

Opens the widget overlay. If the widget is already open, this is a no-op.

### `Vouchmark.close()`

Programmatically closes the widget. Triggers `onAbandon` if the flow was not yet complete.

### `Vouchmark.isReady()`

Returns `true` once the script has loaded and is ready to open.

## Signed sessions (optional)

If you enabled **Require signed requests** in the widget security settings, you must generate a `sessionToken` on your server before opening the widget:

```js theme={null}
// Server-side (Node.js example)
import { Vouchmark } from "@vouchmark/node";

const vouchmark = new Vouchmark({ secretKey: process.env.VOUCHMARK_SECRET_KEY });

const session = await vouchmark.sessions.create({
  widgetId: "wgt_your_widget_id",
  environment: "live",
  applicant: { email: "applicant@example.com" },
});

// Return session.token to the client
```

Then pass it client-side:

```html theme={null}
<script>
  Vouchmark.open({
    widgetId: "wgt_your_widget_id",
    publicKey: "live_pk_your_public_key",
    environment: "live",
    sessionToken: "sess_signed_token_from_server",
    onSuccess: function (applicant) { /* ... */ },
  });
</script>
```

## Content Security Policy

If your site uses a strict CSP, add these directives:

```
script-src 'self' https://js.vouchmark.com;
frame-src 'self' https://widget.vouchmark.com;
connect-src 'self' https://api.vouchmark.com;
```

## Browser support

The widget supports all modern browsers (Chrome, Firefox, Safari, Edge) and degrades gracefully on older browsers. IE11 is not supported.
