This article covers self-hosting the Appcues SDK's Bootstrap script and configuring it to proxy to the Appcues API endpoints. Self-hosting is not recommended in all cases since it comes at a cost, see the important note below.

Once self-hosted:

• Your end-users will load this script from a host that you configure instead of from Appcues fast.appcues.com
• You can create a sub-resource integrity hash for the script. This allows browsers to verify the script they are fetching is delivered "as is". It works by allowing you to provide a cryptographic hash that a fetched resource must match.
• You will need to manually update to new versions of the script whenever changes to the bootstrap script occur.

Important Notes

• Unless your needs specifically require it, self-hosting and optional proxying are not recommended. Self-hosting the SDK bootstrap script means you will not automatically receive new versions of the bootstrap script and will need to update your copy of this script if changes to it are made. If you do not update, it may make you unable to receive new Appcues features and functionality. To be alerted of changes, we recommend following the Github repo where this script is hosted.
• This guide does not allow you to fully self-host the Appcues SDK. Self-hosting the SDK bootstrap script only allows you to secure your Appcues installation with Content Integrity Tags. Even when self-hosting, the SDK Bootstrap script includes auto-update functionality that could be blocked by strict security policies in your application.

Requirements

• Ability to host the bootstrap javascript file and serve it to your end-users. Depending on your end-user volume you may wish to host the script on a CDN

How-To

Self-hosting the SDK Bootstrap Script requires the following steps:

1. Swap out <your appcues account id> for your account id (located on the Settings page in Studio).
2. Host the script so that your product can load it as needed.

Testing

Testing can be done by loading the script on your site and seeing it function.

The easiest test is to open your browser's JavaScript console and run the command Appcues.debug(). Learn more about the debug command.

Proxying Appcues

It also is possible to proxy Appcues' API endpoints so that your end-users directly interact with your proxy instead of directly with fast.appcues.com and api.appcues.net

Important: Proxying Appcues endpoints requires that you host and configure a proxy that is capable of serving your end-user scale. Appcues does not provide a ready-made proxy implementation so you must provide your own.  Proxying is purely an option requested by some organizations to meet their specialized security needs.

Requirements

• If proxying fast.appcues.com, your proxy must support all GET requests from the fast.appcues.com domain.
• If proxying api.appcues.net, your proxy must support GET and POST requests for any path of the api.appcues.net domain in addition to support for proxying WebSocket connections.
  • Proxying api.appcues.net requires your proxy to support all your end-user's network traffic. Appcues is unable to provide estimates for this traffic because it is a function of your active users, the number of requests your app makes to the Appcues API via the Appcues SDK, the size of your content, and the amount of content being shown.

How-To

1. Create a proxy system that meets the requirements outlined above. This can be accomplished with the proxy technology of your choice, for example NGINX. An example architecture for an NGINX proxy to Appcues' endpoints might look like this:
2. Once your proxy is set up, update your self-hosted SDK bootstrap script to reference your proxy.
   • If proxying fast.appcues.com update the hostname in the value of APPCUES_BUNDLE_DOMAIN to reflect your proxy domain hostname.
   • If proxying api.appcues.net update the value of APPCUES_API_HOSTNAME to reflect your proxy domain.

Testing

Testing is as simple as loading the script on your site and seeing it function.

The easiest test is to open the browser's Javascript console and run the command  Appcues.debug() . More information on the debug command can be found on our docs site.

Questions?

Appcues support can answer any questions you have about the content of this article however Appcues can not consult on your proxy implementation.