Skip to content
Documentation
Embeddable Widget

Embeddable Widget

The embeddable chat widget lets you add an AI assistant to any external website with a single <script> tag. Visitors can chat with your assistant without logging in or leaving the page.

The widget renders inside a Shadow DOM for complete style isolation — it won’t interfere with your website’s CSS, and your CSS won’t affect the widget.

Setup

  1. Go to the assistant detail page and open the Channels tab
  2. Click on Browser External and configure the settings (see below)
  3. Enable the channel
  4. Set the Access Control to include Public so unauthenticated visitors can use it
  5. Copy the embed snippet and add it to your website

Embed Code

Add this script tag to any page where you want the widget to appear:

<script src="https://your-teamwebai-domain/static/js/chat-widget.js"
        data-assistant-id="123"></script>

Script Tag Attributes

AttributeRequiredDescription
data-assistant-idYesThe assistant ID
data-assistant-urlNoThe TeamWeb AI server URL (defaults to the script’s origin)
data-user-tokenNoEncrypted identity token for known users (see User Identification)

Configuration Options

These are set in the channel configuration page in TeamWeb AI:

SettingDescription
Primary ColorWidget accent color (default: #0d6efd)
Positionbottom-right or bottom-left (default: bottom-right)
Avatar URLOptional URL for a custom chat bubble avatar
GreetingInitial message shown when the widget opens
Widget TitleTitle shown at the top of the chat panel (defaults to assistant name)
Require Lead CaptureCollect visitor name and email before the first message
Allowed OriginsComma-separated list of origins for CORS (leave empty to allow all)

How It Works

  1. A visitor clicks the floating chat bubble on your website
  2. If lead capture is enabled, they’re asked for their name and email first
  3. A conversation is created and the greeting message (if configured) is shown
  4. The visitor types messages and receives responses in real-time (1.5s polling)
  5. Chat state is stored in localStorage, so the widget survives page navigation — if the visitor navigates to another page on your site, the chat reopens where they left off
  6. A Contact record is automatically created for each visitor

Cross-Page Persistence

The widget stores its state in the browser’s localStorage:

  • Visitor session ID (generated once, persists across pages)
  • Current conversation ID
  • Open/closed state
  • Lead capture completion status

This means a visitor can browse multiple pages on your site while keeping their chat open and intact.

Widget Features

  • Responsive — Full-screen on mobile, floating panel on desktop
  • Typing indicator — Animated dots shown while the assistant is thinking
  • Timeout warning — “This is taking longer than usual…” shown after 60 seconds
  • Skeleton loading — Shimmer placeholders while conversation history loads
  • End chat — Visitors can end the chat, which triggers the session feedback form (if configured)
  • Message feedback — Thumbs up/down on assistant messages (if configured)
  • Session feedback — Star rating and comment form when a chat ends (if configured)
  • Transcript download — Download the full chat transcript as a text file

Key Differences from Internal Chat

FeatureBrowser InternalEmbeddable Widget
AuthenticationRequires loginAnonymous or encrypted identity
User typeAdmin / StaffPublic (Contacts)
UIFull admin/staff interfaceFloating widget panel
Style isolationPart of TeamWeb AI UIShadow DOM (isolated)
State persistenceServer sessionslocalStorage
Voice chatYes (with WebRTC)No
Canvas cardsYesNo
FeedbackYesYes

Rate Limiting

The widget API is protected by rate limiting to prevent abuse:

LimitDefaultDescription
Messages per session per minute10Per visitor session
Requests per IP per minute30Per IP address
New conversations per IP per hour5Per IP address

When a limit is exceeded, the widget receives a 429 response with a Retry-After header. These defaults can be adjusted via environment variables.

CORS

The widget API includes CORS headers on all responses. Configure Allowed Origins in the channel settings to restrict which domains can use the widget. Leave it empty to allow all origins (suitable for development).

For production, set it to your website’s origin (e.g., https://www.example.com).