Skip to main content
The Veriox inject script exposes a window.Veriox object on every page where the worker is active. You can use this to trigger verification from your own code, regardless of how the automated trigger is configured.

Methods

window.Veriox.requireVerification()

Shows the verification popup. Returns a Promise that:
  • resolves when the visitor successfully completes verification
  • rejects with Error('dismissed') if the visitor closes the popup
document.getElementById('buy-now').addEventListener('click', async (e) => {
  if (window.Veriox.isVerified()) return; // already verified — let the click through

  e.preventDefault();
  try {
    await window.Veriox.requireVerification();
    // Verification passed — proceed with the original action
    window.location.href = '/checkout';
  } catch {
    // Visitor dismissed the popup — do nothing
  }
});

window.Veriox.isVerified()

Returns true if the visitor has a valid verified session, false otherwise. Checks for the session cookie set by the Veriox worker after a successful verification. 
if (window.Veriox.isVerified()) {
  // Show age-restricted content
} else {
  // Show a prompt or gate
}

When to use the JS API

The JS API is useful for custom flows where the built-in trigger options don’t fit:
  • You want to gate a specific action (e.g. adding to cart) without showing a popup on page load
  • You are building a custom UI and want full control over when the popup appears
  • You want to conditionally show different content depending on verified status
For most use cases, the Manual trigger option in the portal (blocking specific buttons) handles this without any code. Use the JS API when you need behaviour the portal settings can’t express.
The window.Veriox object is always available on pages where the worker is active — you do not need to select a specific trigger mode to use it.

Mobile behaviour

On mobile, verification runs as a full-page redirect rather than an in-page overlay (this is required for the handoff to the Concordium ID app to work reliably on iOS and Android). One consequence for the JS API:
On mobile, requireVerification() navigates away from the page, so the returned Promise does not resolve — the page is gone before it can. Don’t rely on await requireVerification() to continue a flow on mobile. Check isVerified() on page load instead.
When the visitor finishes (or dismisses), they’re redirected back to the page they came from. Detect the result on load and resume from there: 
// Runs on every page load, including the return from verification
if (window.Veriox.isVerified()) {
  showAgeRestrictedContent();
}
To resume a specific action (e.g. a buy button), store the intent before triggering and replay it on return: 
document.getElementById('buy-now').addEventListener('click', (e) => {
  if (window.Veriox.isVerified()) { addToCart(); return; }
  e.preventDefault();
  localStorage.setItem('veriox_intent', 'add_to_cart');
  window.Veriox.requireVerification(); // do not await on mobile
});

// On page load — handle the return
if (window.Veriox.isVerified() && localStorage.getItem('veriox_intent') === 'add_to_cart') {
  localStorage.removeItem('veriox_intent');
  addToCart();
}
This same code also works on desktop, where isVerified() is true immediately after the overlay completes — so you can write one integration for both.
Desktop keeps the in-page overlay and the requireVerification() Promise resolves as documented above. The patterns here only matter if you support mobile visitors. The automated global and URL pattern triggers need no code and are unaffected.