> ## Documentation Index
> Fetch the complete documentation index at: https://docs.encoreos.io/llms.txt
> Use this file to discover all available pages before exploring further.

# Website Chatbot Widget — Integration Document

> Version: 1.0.0 Last Updated: 2026-03-08 Status: ✅ Implemented (Phase 1)

**Version:** 1.0.0\
**Last Updated:** 2026-03-08\
**Status:** ✅ Implemented (Phase 1)

***

## Overview

PF-68 provides a configurable, embeddable website chatbot widget for external visitor engagement. It integrates with PF-27 (Platform AI) for RAG-based responses and CE-01 (Contacts/Leads) for lead capture.

## Architecture

* **Widget:** Route-based (`/chatbot/widget`) served in an iframe via `public/chatbot/embed.js`
* **Admin UI:** `/settings/chatbot` — tabbed config page (General, Knowledge, Lead Capture, Embed Code)
* **Edge Functions:** `chatbot-session`, `chatbot-message`, `chatbot-lead-capture`
* **Database:** `pf_chatbot_configs`, `pf_chatbot_sessions`, `pf_chatbot_messages`

## Integration Points

| Integration                | Pattern                | Direction     | Status     |
| -------------------------- | ---------------------- | ------------- | ---------- |
| PF-27 (Platform AI)        | Edge Function call     | PF-68 → PF-27 | ✅          |
| CE-01 (Contacts/Leads)     | Edge Function insert   | PF-68 → CE    | ✅          |
| PF-60 (RAG Infrastructure) | Knowledge base context | PF-68 → PF-60 | 📝 Phase 2 |
| PF-67 (Internal Messaging) | Live handoff           | PF-68 → PF-67 | 📝 Phase 2 |

## Event Contracts

### `pf_chatbot_lead_captured`

* **Publisher:** `chatbot-lead-capture` edge function
* **Subscribers:** CE-01, PF-35 (webhooks)
* **Payload:**
  ```json theme={null}
  {
    "organization_id": "uuid",
    "session_id": "uuid",
    "contact_id": "uuid",
    "lead_id": "uuid",
    "visitor_name": "string",
    "visitor_email": "string"
  }
  ```

## Security

* All edge functions use `verify_jwt: false` with domain validation and session JWT
* RLS policies use `pf_has_permission()` (4-arg) for authenticated admin access
* Widget is anonymous; no auth.uid() available for visitor sessions

## Permissions

| Permission Key               | Roles                   |
| ---------------------------- | ----------------------- |
| `pf.chatbot.manage_settings` | org\_admin              |
| `pf.chatbot.view_sessions`   | org\_admin, site\_admin |