Skip to main content
The ClickTerm integration flow mirrors the pattern used by Captcha providers. Your frontend displays the agreement, the user interacts with it, and your backend verifies the result.

Flow diagram

ClickTerm integration flow — sequence diagram showing how the SDK, your app, and the API interact

Step-by-step

1

Include the SDK

Add the ClickTerm SDK to your web frontend or mobile app — typically on registration, login, or checkout pages.
2

SDK requests the clickwrap

Call ClicktermDialog.show() with the endUserId and clickwrapTemplateId. The SDK fetches the current effective template version from ClickTerm.
3

Dialog shown (if needed)

If the end user hasn’t accepted the latest effective major version, a modal dialog is displayed. If they’ve already accepted, the SDK resolves immediately with no dialog.
4

User takes action

The user accepts or declines. The SDK creates an unverified event in the ClickTerm app and returns a Signature to your callback.
5

Send Signature to your backend

Pass the Signature to your server (e.g., as part of your registration form submission).
6

Backend verifies with ClickTerm API

Your backend calls POST /clickwrap/verify with the Signature, App ID, and App Key. ClickTerm validates the Signature and marks the event as verified. For accepted events, a Certificate of Acceptance is generated.
7

Handle the result

The API returns the event status (ACCEPTED or DECLINED) and the full event metadata. Notify your frontend with the result so your app can decide what to do next.
After verification, the interaction is saved in ClickTerm’s platform as a verified Clickwrap Event — available for your record and consultation in the dashboard.

Key points

  • Billing is on verification only — Requests to show a clickwrap are free. Only POST /clickwrap/verify calls count toward your billing.
  • No double-prompting — The SDK automatically checks if the user has already accepted the latest major version. If so, no dialog is shown.
  • No SSO required — End users don’t need a ClickTerm account. The endUserId is your own identifier.
Never expose your App Key in client-side code. The App Key is used only for backend verification calls. The client SDK uses only the App ID. Store the App Key safely — it won’t display again after creation, but can be regenerated. Regenerating the key requires updating your backend configuration.

Quickstart — Web SDK

Get running in 5 minutes.

Verifying a Signature

Detailed guide on the verification endpoint.