Developer docs

Drop one script to render the verified badge and start counting. Optionally attach who your visitors are — by JavaScript on the page, or server-to-server over REST.

Install the badge

Paste this once on your site. The same script renders the badge and reports traffic — that coupling is what makes the badge impossible to fake.

<script async src="https://affstat.net/embed.js" data-key="YOUR_SITE_KEY"></script>

Find YOUR_SITE_KEY in your dashboard under Badge & embed. The key is public and only works on the domain you registered.

Variants & theme

Optional attributes:

  • data-variantbadge (default) · counter · seal · retro
  • data-themedark (default) · light
<script async src="https://affstat.net/embed.js"
  data-key="YOUR_SITE_KEY" data-variant="counter" data-theme="light"></script>

Positioning

By default the badge appears where the script tag sits. To place it anywhere else, drop an empty slot — the badge fills it, and the script can load from anywhere on the page:

<!-- badge renders here -->
<div data-affstat-slot></div>

<!-- load once, e.g. before </body> -->
<script async src="https://affstat.net/embed.js" data-key="YOUR_SITE_KEY"></script>

Identify visitors (JavaScript)

Already know who the visitor is (logged-in user, lead, subscriber)? Attach their identity to the live session — it shows up in your Log and Live views and powers per-visitor analytics. Paste this where you know the user (after login, on a lead form):

<script>
// the first line buffers the call until the badge script loads —
// so it is safe to place this ABOVE or BEFORE the embed, in any order
window.affstat = window.affstat || function(){(affstat.q=affstat.q||[]).push(arguments)};

affstat('identify', {
  uid:   'YOUR_INTERNAL_USER_ID',  // your own id (recommended)
  name:  'Jane Cooper',
  email: '[email protected]',
  phone: '+1 555 0100',
  tg:    '@janecooper',
  // any extra fields are stored as custom traits:
  plan:  'gold',
  country: 'US'
});
</script>
Common mistake: calling affstat('identify', …) without that first window.affstat = … line. Because the badge script loads async, your call often runs first and throws affstat is not defined — and nothing is sent. The stub line fixes it.

All fields are optional except that at least one must be present. Data is bound to the visitor server-side and only accepted from your registered domain.

REST API

Enrich identities from your backend (no browser needed). Authenticate with your site_key + secret and key the record by your own uid. It applies to every visitor already linked to that uid and to any who identify with it later.

POST https://affstat.net/api/identify 
curl -X POST https://affstat.net/api/identify \
  -H 'Content-Type: application/json' \
  -d '{
    "site_key": "YOUR_SITE_KEY",
    "secret":   "YOUR_SECRET",
    "uid":      "YOUR_INTERNAL_USER_ID",
    "name":     "Jane Cooper",
    "email":    "[email protected]",
    "phone":    "+15550100",
    "tg":       "@janecooper",
    "plan":     "gold"
  }'

Response:

{ "ok": true, "uid": "YOUR_INTERNAL_USER_ID", "linked": 3 }

linked is how many existing visitors were updated. uid is required; any non-standard field is stored as a custom trait.

Keys & secrets

  • site_keypublic. Goes in the embed snippet. Bound to your domain; harmless if seen.
  • secretprivate. Server-side only — for REST auth. Never put it in client-side code or a public repo.

Both are shown on your site's Badge & embed page. If a secret leaks, rotate it there.

Get your site verified and grab your keys.

Отримати бейдж