Documentation Index
Fetch the complete documentation index at: https://docs.crewform.tech/llms.txt
Use this file to discover all available pages before exploring further.
Overview
The CrewForm Chat Widget lets you deploy any agent as an embeddable chat bubble on your website. Visitors can chat with your agent in real-time with streaming responses — no login required. Key features:- 🔥 Real-time streaming — responses stream in word-by-word via SSE
- 🎨 Customizable themes — light/dark mode, custom colors, position
- 🔒 Domain restrictions — whitelist which domains can use your widget
- ⚡ Rate limiting — configurable per-visitor message limits
- 💬 Session memory — conversation history persists across page reloads
- 🥷 Shadow DOM — zero CSS conflicts with your existing site
Quick Start
1. Create a Widget
- Go to Settings → Chat Widget
- Click New Widget
- Select the agent you want to power the chat
- Configure the welcome message, theme, and allowed domains
- Click Create Widget
2. Embed on Your Website
Copy the embed snippet and add it to your website’s HTML:</body> tag.
3. Self-Hosted Setup
If you’re self-hosting CrewForm, the widget JS is served directly from your task runner:Configuration Options
Script Tag Attributes
| Attribute | Required | Default | Description |
|---|---|---|---|
data-key | ✅ | — | Your widget API key (cf_chat_...) |
data-theme | ❌ | light | Theme mode: light or dark |
data-position | ❌ | bottom-right | Bubble position: bottom-right or bottom-left |
data-url | ❌ | https://runner.crewform.tech | Task runner URL (self-hosted only) |
Programmatic API
For more control, use the JavaScript API:Widget Settings
| Setting | Description |
|---|---|
| Agent | Which agent powers the chat |
| Welcome Message | First message shown when the chat opens |
| Placeholder Text | Input field placeholder |
| Allowed Domains | Comma-separated list of domains allowed to use this widget. Empty = all domains |
| Theme | Light or Dark mode |
| Primary Color | Brand color for the bubble and user messages |
| Position | Bottom-right or bottom-left |
| Rate Limit | Max messages per visitor per hour (default: 20) |
Security
Domain Restrictions
When you specify allowed domains, the widget server checks theOrigin header of every request. Only requests from whitelisted domains will be accepted.
Examples:
example.com— allowsexample.comandwww.example.com*.example.com— allows any subdomain ofexample.com- Leave empty to allow all domains (not recommended for production)
API Keys
Each widget gets a uniquecf_chat_ prefixed API key. This key is visible in the embed script, so always configure domain restrictions to prevent unauthorized usage.
You can regenerate the API key from Settings → Chat Widget if it’s compromised. Note that existing deployments will stop working until the embed snippet is updated.
How It Works
- Visitor opens the chat bubble on your website
- Widget fetches config from
/chat/config(agent name, welcome message) - Visitor sends a message →
POST /chat/message - Task runner creates a task assigned to the configured agent
- Agent processes the task using the LLM provider
- Response streams back via SSE to the widget
- Both messages are saved to the chat session for continuity
Troubleshooting
Widget doesn’t appear
- Check the browser console for errors
- Verify the
data-keyattribute matches your widget API key - Ensure the widget is active (toggle in Settings → Chat Widget)
“Origin not allowed” error
- Add your domain to the widget’s Allowed Domains list
- Include both
example.comandwww.example.comif needed - For local development, add
localhost
Messages fail to send
- Check that the task runner is running and accessible
- Verify the agent has a valid LLM provider key configured
- Check the rate limit — visitors are limited to the configured messages per hour
CORS errors
- If self-hosting, ensure your reverse proxy (nginx/Caddy) passes CORS headers
- The task runner handles CORS automatically for
/chat/*endpoints