# AnswerLattice Widget Contract v1

> Stable script URL, browser API, context schema, verification semantics, and compatibility policy.

## Stability policy

AnswerLattice will keep the Widget Contract v1 backward-compatible for at least 36 months from general availability.

- https://answerlattice.com/widget/v1/answerlattice-widget.js
- al_* widget key format
- window.AnswerlatticeWidget global
- setContext(context)
- page(context)
- safe context field names
- blocked route behavior
- install verification semantics
- Markdown docs URLs
- /llms.txt URL

## Widget script caching

The v1 script URL is stable and backward-compatible, but not immutable. AnswerLattice can ship compatible bug fixes without requiring clients to change install code.

- Recommended header: Cache-Control: public, max-age=300, stale-while-revalidate=86400
- Do not use long immutable caching on /widget/v1/answerlattice-widget.js.
- If content-addressed builds are added later, generated install docs still point to the stable v1 URL.

## May change without breaking clients

- internal widget implementation
- UI styling
- dashboard layout
- agent-specific prompt wording
- generated examples
- performance internals
- cache implementation

## Dashboard-owned settings

- Allowed origins are saved in the AnswerLattice dashboard and enforced by AnswerLattice runtime APIs.
- Blocked routes are saved in the AnswerLattice dashboard and returned through widget runtime config.
- Client products should not create duplicate owner settings for origins or blocked routes.

## Will not be accepted from browser context

- tenantId
- storeId
- tId
- sId
- userId
- uId
- email
- phone
- fullName
- billingId
- subscriptionId
- customerRecord
- customerRecords
- privateMetadata
- accessToken
- refreshToken
- jwt
- cookie
- session
- apiKey
- secret
- password
- payment

## Public API note

The public API may be account-gated. For most clients, install the AnswerLattice widget first.