Widget Runtime Behavior

The widget chat runtime uses:

• X-Widget-Publishable-Key for agent scoping
• X-Visitor-Id for visitor continuity across visits
• visitId for the active website visit
• Optional conversationId for exact resume of the active visit session

Context and Retrieval

For each user message:

• Message is validated (max 4000 characters)
• The runtime resumes only the current visit’s active session
• Top source chunks are retrieved from indexed content
• Response is streamed from configured model
• Source summaries are returned in x-rag-context header

Visit Lifecycle

• visitorId persists across visits for the same widget scope.
• visitId is shared across tabs for the same active visit.
• Once presence heartbeats stop and the visit expires, the next page visit starts a fresh conversation session.
• conversationId is the server-assigned chat session id and should be treated as opaque.

Rate Limits (Current Defaults)

Window: 60s

• Widget per IP: 90
• Widget per visitor: 45
• Widget per publishable key: 120

If exceeded, APIs return 429 with Retry-After and X-RateLimit-* headers.

Voice Input

The widget can capture microphone audio and transcribe it into editable text before sending.

• Voice input requires HTTPS because browser microphone access depends on getUserMedia().
• Iframe embeds must allow microphone access. The hosted widget script sets allow="microphone" on the iframe automatically.
• Browser support varies more than plain text chat, so voice input should be treated as a progressive enhancement rather than the primary input path.