Centinel AnalyticaCentinel Analytica

Scripts

Add the Centinel Analytica script to pages where protected actions can happen—login forms, checkout, signup, etc.

Add the script tag

Drop this in your page <head> and replace SITE_KEY with your site key (from the Dashboard).

<html>
    <head>
        <script src="https://collector.centinelanalytica.com/script.js?site_key=SITE_KEY"></script>
        <!-- Rest of the head -->
    </head>
    <body>
        <!-- Page content -->
    </body>
</html>

Where to include it

Add the script to any page where a protected request can be triggered:

  • login pages (or any page with a login form/modal)
  • signup / password reset pages
  • checkout flows
  • content download pages

If you have a single-page app (SPA), load it once globally in your base layout so it's available across routes.

Single-page apps

If your site navigates client-side, install the script once in the global layout (not per route) to avoid double-loading.

Wait until ready

To make sure the script has loaded and is ready, check window.cen.initialized. If it isn't ready yet, wait for the CentinelInitialized event.

function whenCentinelReady(cb) {
    if (window.cen && window.cen.initialized) {
        cb();
        return;
    }

    const handler = () => {
        window.removeEventListener('CentinelInitialized', handler);
        cb();
    };

    window.addEventListener('CentinelInitialized', handler);
}

// Example usage
whenCentinelReady(() => {
    login();
});

Next step

After the script is installed, your backend should call /validate on protected requests:

Validation

Call /validate from your backend and enforce allow/block/redirect/not_matched.

Dashboard

Copy your API keys, define protected endpoints, and monitor traffic.

Validation

When a request hits a protected endpoint, call the validation API to get a decision on whether to allow it.

On this page

Add the script tagWhere to include itWait until readyNext step