Skip to main content
The Clausum browser SDK (clausum.js) automatically collects device fingerprint and behavioral signals, and can run a client-side pre-check before your server makes the authoritative decision. It is payment-platform agnostic and works alongside Stripe, MercadoPago, Conekta, OpenPay, PayPal, and custom flows.
The SDK uses your publishable key (clm_pub_...). Never put a secret key (clm_sk_...) in client code.

Install

Drop in the script and initialize with your publishable key. Load the SDK from the same host as your Clausum web application (sandbox example below): 
<script
  src="https://sandbox.clausum.ai/sdk/clausum.js"
  data-clausum-key="clm_pub_xxx"
></script>
Or initialize manually: 
<script src="https://sandbox.clausum.ai/sdk/clausum.js"></script>
<script>
  Clausum.init({
    apiKey: "clm_pub_xxx",
    // Optional: full assess URL if your API base differs from the page origin
    apiUrl: "https://sandbox.clausum.ai/api/v1/assess",
  });
</script>
If support assigned a dedicated API hostname, set apiUrl to $CLAUSUM_API_BASE/api/v1/assess. See Access & environments.

Assess from the client

const result = await Clausum.assess({
  amount: 1500,
  currency: "MXN",
  transaction_type: "payment",
  email: "customer@example.com",
  customer_id: "cus_abc123",
  payment_method: {
    type: "card",
    card_bin: "411111",
    card_last4: "4242",
    card_country: "MX",
    card_brand: "visa",
  },
  metadata: { order_id: "ORD-123" },
});

if (result.shouldDecline) {
  showError("Transaction declined for security reasons");
} else if (result.requiresChallenge) {
  await request3DSVerification();
} else {
  await processPayment();
}
The SDK automatically attaches device (fingerprint, user agent, timezone) and behavior (session duration, mouse/keyboard activity, copy-paste events) so you don’t have to.

Pass the session to your backend

The SDK returns a session_id. Send it to your server so the authoritative /assess call can merge the behavioral signals collected in the browser. 
const result = await Clausum.assess({ /* ... */ });

await fetch("/api/checkout", {
  method: "POST",
  headers: { "Content-Type": "application/json" },
  body: JSON.stringify({ orderId, clausumSessionId: result.sessionId }),
});
On the server, include that session_id when you call /assess with your secret key — see Real-time assessment.

Configuration

OptionDefaultDescription
apiKeynullYour publishable key (clm_pub_...).
apiUrlSame-origin /api/v1/assessFull URL to assess on your assigned API host.
autoCapturetrueAutomatically collect device + behavioral signals.
failOpentrueIf the service is unreachable, don’t block the user.
debugfalseVerbose console logging.
Treat the client-side result as a pre-check to improve UX (e.g. trigger 3DS early). Always make the final capture decision on your backend.