Quickstart

Load the SDK, capture consent evidence on form submit, and verify it appears in the dashboard.

1. Add the SDK to your page

Add this script tag in your <head>. Replace YOUR_CID with the CID from your organization settings page in the dashboard.

html

<script
  src="https://sdk.expressconsent.com/sdk/v1/sdk.js"
  data-ec-cid="YOUR_CID"
></script>

Don't self-host the SDK

The SDK resolves its upload endpoint from the URL it was loaded from. Self-hosting will break uploads.

2. Capture evidence on submit

Call captureCDR() inside your form submit handler, before page navigation. The returned cdrId is your evidence ID — store it with your lead/user record.

javascript

document.getElementById("consentForm")?.addEventListener("submit", async (e) => {
  e.preventDefault();

  // Generate or retrieve a unique ID for this submission BEFORE calling captureCDR.
  // This lets you find the CDR later even if the initial upload fails.
  const leadId = crypto.randomUUID();

  try {
    const { cdrId } = await window.ExpressConsent.captureCDR({
      custom: {
        uid: leadId,
        phoneNumber: document.getElementById("phone")?.value ?? "",
      },
    });

    // ✅ Save cdrId with your lead/user record.
    console.log("Evidence saved:", cdrId);
  } catch (err) {
    console.error("ExpressConsent capture failed:", err);
    // The SDK saved the CDR locally and will retry on the next page load.
    // Save your lead record without a cdrId — you can reconcile later
    // using the uid you passed in custom metadata.
  }

  e.currentTarget.submit();
});

Why window.ExpressConsent?

The SDK attaches itself to window.ExpressConsent. The window. prefix is required in TypeScript and linted JavaScript.

Await before page navigation

If the page navigates or the form unmounts before the promise resolves, the CDR may not be saved. Always preventDefault() → await → submit.

3. Verify in the dashboard

Run a test submission, then confirm the CDR appears:

Sign in → select your organization → open your domain → go to CDRs
Find your cdrId in the list
Open it and confirm the visual record (screenshot) clearly shows consent UI + legal text

4. Quick fidelity check

Open the CDR and confirm the visual record shows:

The consent checkbox/control visibly selected
The full consent/TCPA disclaimer text (not truncated or hidden)
No ambiguity from responsive layouts collapsing legal text

Test mobile too

Run at least one mobile-sized submission. If your mobile CSS hides consent language, the CDR will reflect that.

Local development (localhost)

When testing on a locally-served site (e.g. localhost:3000), images, fonts, and other assets hosted by your local dev server may appear broken or missing in the visual record unless you enable SDK inline-assets mode. For local testing, call captureCDR({ inlineAssets: true }) so asset bytes are embedded in the captured DOM state and cloud rendering does not need to fetch localhost URLs.

Review the Troubleshooting page for a full checklist of page patterns that can affect snapshot fidelity (cross-origin iframes, lazy-loaded assets, animations on consent elements, etc.).

Done

Your integration is working. Store cdrId with every lead/user record going forward.

What if the upload fails?

The SDK automatically saves CDR data locally and retries on the user’s next page load. A cdrId is only returned when the upload succeeds immediately. If it fails, you can find the CDR later by querying the API with the unique identifier you passed in custom metadata, or receive it via webhook. See Offline resilience for the full pattern.

Selling leads to buyers?

If you pass leads to other companies, add autoShare: true to your captureCDR() call. The SDK will return a shareUrl you can send to your lead buyers so they can claim the consent evidence. See Sharing with Lead Buyers.

captureCDR() reference Sharing with Lead Buyers Troubleshooting