Integration docs

Every example below includes secure identity verification. Do not ship identify() without user_hash.

Install snippet

<!-- rokochat -->
<script>
  (function(w,d,s,k){
    w.Rokochat = w.Rokochat || function(){ (w.Rokochat.q = w.Rokochat.q || []).push(arguments) };
    w.Rokochat.k = k;
    var f = d.getElementsByTagName(s)[0], j = d.createElement(s);
    j.async = 1; j.src = 'https://cdn.rokochat.com/w.js';
    f.parentNode.insertBefore(j, f);
  })(window, document, 'script', 'rk_pk_YOUR_KEY');
</script>

Secure identify()

Compute HMAC on your server, pass hash to the browser.

// Node.js — apps/api route or getServerSideProps
import { createHmac } from "node:crypto";

export function rokochatUserHash(userId: string): string {
  return createHmac("sha256", process.env.ROKOCHAT_IDENTITY_SECRET!)
    .update(userId).digest("hex");
}

// Browser — after your auth layer loads
Rokochat.identify({
  id: user.id,
  user_hash: serverProvidedHash,
  email: user.email,
  name: user.name,
});

Call Rokochat.logout() on your app's logout.

More guides

Framework guides

Error codes