Skip to main content

Integrating Salespeak with your cookie consent manager

Updated

How to make sure the Salespeak widget only loads after a visitor has accepted the appropriate cookie category — works with CookieHub, Cookiebot, OneTrust, Usercentrics, and any consent manager that supports script blocking.

Applies to: all Salespeak launchers loaded via widget.js.

How the integration works

Salespeak does not need a custom plugin or SDK to work with consent managers. The Salespeak widget is loaded by a single <script> tag that you place on your site, which means any consent manager that knows how to block and unblock <script> tags can control it.

The pattern every major consent manager uses is the same:

  1. You change the type attribute on the Salespeak script from the default text/javascript to text/plain (or whatever value the consent manager requires). Browsers will not execute a script with an unknown type, so Salespeak will not load.
  2. You add a marker attribute (for example data-consent="marketing" or data-cookieconsent="marketing") that tells your consent manager which cookie category this script belongs to.
  3. When the visitor accepts that category, the consent manager rewrites the type back to text/javascript and re-injects the script. The Salespeak widget then loads normally.
  4. If the visitor declines, the script is never executed, no cookies are set, and no requests are made to app.salespeak.ai.
Which cookie category should Salespeak go in?
Salespeak is a sales-engagement and analytics tool, so we recommend the Marketing category (sometimes called Targeting, Advertising, or C0004 in OneTrust). If your privacy policy classifies conversational analytics differently, use the category that matches your policy.

Verified compatibility

Salespeak has been tested end-to-end with the Secure Privacy consent management platform and confirmed to behave correctly: the widget remains fully blocked until a visitor accepts the relevant cookie category, and loads normally once consent is granted.

Because Salespeak relies on the standard type="text/plain" + marker-attribute pattern that every modern consent management platform supports, the same integration model also works with — but is not limited to — CookieHub, Cookiebot, OneTrust, Usercentrics, Termly, Iubenda, Osano, and Complianz. If your consent manager supports blocking third-party scripts via a type swap, it supports Salespeak.

Customer responsibility. The script tag that loads Salespeak is hosted on your site, so the consent gating is enforced by your consent manager configuration, not by Salespeak. Salespeak guarantees that no requests are made to app.salespeak.ai until the loader script is executed by the browser.

The general recipe

Take your existing Salespeak snippet, which looks like this: 

<script
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="YOUR-ORG-ID"
  data-launcher="dynamic-launcher">
</script>

Add type="text/plain" and the marker attribute that your consent manager requires. For example, with CookieHub: 

<script
  type="text/plain"
  data-consent="marketing"
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="YOUR-ORG-ID"
  data-launcher="dynamic-launcher"
  data-cookiehub="true">
</script>

That is the entire integration. No code change inside Salespeak is required.

Examples by consent manager

CookieHub

<script
  type="text/plain"
  data-consent="marketing"
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="YOUR-ORG-ID"
  data-launcher="dynamic-launcher">
</script>

CookieHub looks for type="text/plain" together with data-consent="<category>". Valid categories are configured in your CookieHub dashboard (typically preferences, analytics, marketing).

Cookiebot

<script
  type="text/plain"
  data-cookieconsent="marketing"
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="YOUR-ORG-ID"
  data-launcher="dynamic-launcher">
</script>

Cookiebot uses data-cookieconsent. Accepted values: preferences, statistics, marketing.

OneTrust

<script
  type="text/plain"
  class="optanon-category-C0004"
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="YOUR-ORG-ID"
  data-launcher="dynamic-launcher">
</script>

OneTrust uses a CSS class of the form optanon-category-<ID>. C0004 is the default ID for the Targeting/Marketing category — confirm the exact ID in your OneTrust template before deploying.

Secure Privacy

<script
  type="text/plain"
  data-cookiecategory="targeting"
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="YOUR-ORG-ID"
  data-launcher="dynamic-launcher">
</script>

Secure Privacy uses data-cookiecategory. Accepted values are functionality, performance, and targeting. Salespeak should typically be assigned to targeting. This integration has been validated end-to-end against the Secure Privacy CMP.

Usercentrics

<script
  type="text/plain"
  data-usercentrics="Salespeak"
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="YOUR-ORG-ID"
  data-launcher="dynamic-launcher">
</script>

In Usercentrics you must first add Salespeak as a Data Processing Service in the admin console, then reference it by name in the data-usercentrics attribute.

Other consent managers (Termly, Iubenda, Osano, Complianz, …)

The same pattern applies. Check your provider's documentation for the exact attribute name they use to mark a blocked script — the rest of the Salespeak snippet stays unchanged.

Reference: a fully integrated tag

This is the form most CookieHub customers deploy:

<script
  type="text/plain"
  data-consent="marketing"
  id="salespeak-widget-loader"
  src="https://app.salespeak.ai/widget.js"
  defer
  data-org-id="1e94c895-3565-4437-acab-8cf5913c2cd1"
  data-launcher="dynamic-launcher"
  data-cookiehub="true"
  data-loaded="true">
</script>

What each attribute does:

Attribute Purpose
type="text/plain" Prevents the browser from executing the script until the consent manager rewrites the type.
data-consent="marketing" CookieHub marker — assigns the script to the Marketing cookie category.
id="salespeak-widget-loader" Stable ID for the loader. Useful for debugging and for any custom code that needs to reference the tag.
src The Salespeak widget loader URL.
defer Lets the rest of your page render before the widget initializes.
data-org-id Your Salespeak organization ID. Required.
data-launcher Which launcher to render (e.g. dynamic-launcher, floating-mascot, sticky-input).
data-cookiehub="true" Optional flag your team can use to identify CookieHub-managed deployments. Not required by Salespeak.
data-loaded="true" Optional internal marker — also not required by Salespeak. Some teams use it to track which tags have been processed by their tag manager.

Verifying the integration

After you deploy, run through this checklist:

  1. Open your site in a fresh incognito window and reject all non-essential cookies.
  2. Open DevTools → Network and filter for salespeak.ai. You should see no requests to app.salespeak.ai/widget.js. The Salespeak launcher should not appear on the page.
  3. Reload the page, this time accepting the Marketing category.
  4. You should now see widget.js load, followed by requests to brain.salespeak.ai, and the launcher should render.
  5. In DevTools → Application → Cookies, confirm that no Salespeak cookies are present until consent is granted.
Tip: Salespeak fires a window event called salespeakLaunchersScript_ready once the widget has finished loading. You can listen for it in DevTools to confirm post-consent initialization: 
window.addEventListener('salespeakLaunchersScript_ready', () => {
  console.log('Salespeak loaded after consent');
});

Common pitfalls

  • Forgetting type="text/plain". Without it, the script will run immediately on every page load — regardless of consent. The marker attribute alone (e.g. data-consent="marketing") does not block execution.
  • Wrong category name. Each consent manager has its own list of valid categories. Using a name your provider does not recognize will leave the script permanently blocked.
  • Loading Salespeak through Google Tag Manager. If GTM itself is gated by consent, you can rely on GTM's built-in consent settings instead of marking the Salespeak tag directly. Make sure the trigger requires the right consent state.
  • Caching. If you change the script tag and don't see the new behavior, clear your CDN/browser cache — the old, unblocked tag may still be served.

What Salespeak does once it loads

After consent is granted and the script executes, Salespeak behaves exactly as it does in a non-consent setup: it loads the configured launcher, sets the cookies needed for session continuity, and begins exchanging messages with the Salespeak brain. None of this happens before consent.

Need help? Reach out to your Salespeak account team and include your organization ID (the value of data-org-id) and the consent manager you're using.

Related articles