Integration docs
Every example below includes secure identity verification. Do not ship identify() without user_hash.
Install snippet
<!-- rokochat -->
<script>
(function(w,d,s,k){
w.Rokochat = w.Rokochat || function(){ (w.Rokochat.q = w.Rokochat.q || []).push(arguments) };
w.Rokochat.k = k;
var f = d.getElementsByTagName(s)[0], j = d.createElement(s);
j.async = 1; j.src = 'https://cdn.rokochat.com/w.js';
f.parentNode.insertBefore(j, f);
})(window, document, 'script', 'rk_pk_YOUR_KEY');
</script>Secure identify()
Compute HMAC on your server, pass hash to the browser.
// Node.js — apps/api route or getServerSideProps
import { createHmac } from "node:crypto";
export function rokochatUserHash(userId: string): string {
return createHmac("sha256", process.env.ROKOCHAT_IDENTITY_SECRET!)
.update(userId).digest("hex");
}
// Browser — after your auth layer loads
Rokochat.identify({
id: user.id,
user_hash: serverProvidedHash,
email: user.email,
name: user.name,
});Call Rokochat.logout() on your app's logout.