What is embedding
Embedding drops an agent into your own website as an<iframe>. Site visitors don’t log in to AskTable and don’t pick a data source or role — they open the page and ask questions in natural language.
It’s the fourth way an agent reaches the outside, alongside channels and scheduled tasks: channels connect to IM, scheduled tasks push on a schedule, and embedding serves the anonymous visitors on your website.
Typical scenarios
- A “self-service data” entry point on your marketing site or help center, where visitors ask and get answers themselves
- A query window in a customer portal that reads a specific slice of data
- An analysis helper bound to a fixed role, embedded in an internal wiki page
Configuration
An embed address contains:| Field | Description |
|---|---|
| Name | The display name, only used to tell your addresses apart in the dashboard |
| Role | Required. The address binds one fixed role (with fixed role variables), so every anonymous visitor asks within that role’s data scope and sees the same data boundary |
| Trusted domains | A toggle plus a domain allowlist. Off (default) = the origin is not checked, any site can embed; on = only domains on the allowlist may embed this address |
| Enabled | A toggle. A new address is enabled and usable right away; disabling it drops any in-progress session immediately |
How to configure
Name it and pick a role
Give it a name and choose a role as the visitor’s data scope. If the role needs role variables (such as
user_id), fill them in too — these are fixed for every visitor.Set trusted domains (optional)
By default the origin is not checked and any site can embed. To restrict it to specific sites, turn on Trusted domains and add each allowed domain to the allowlist (such as
https://example.com).Visitor experience
When a visitor opens the embedded page:- No login, and no picking a data source or role — they ask right away in the input box
- Answers stay within the data scope of the bound role
- They can switch between fast and deep thinking (fast by default, for a more immediate response)
- Refreshing within 24 hours continues the same conversation; after that it starts a new one automatically, and they can start over anytime with New conversation
Security model
Embedding faces anonymous public visitors, so it relies on several layers:- Fixed role data scope — visitors can only reach data the bound role allows; changing the role only affects conversations created afterward
- Unguessable address ID — the address ID is a random string (with an
emb_prefix) that doesn’t expose enumeration - Trusted-domain allowlist — with Trusted domains on, only pages on allowlisted domains can embed
- Disable stops it — disabling an address drops any in-progress session immediately
An embed is a public entry point. When you bind a role, make sure its data scope is appropriate to expose publicly.
Embedding vs channels
Both let external users use an agent, but in different forms:- Channel: connects to IM tools like Feishu, where users chat inside the IM
- Embedding: an iframe in your website, for anonymous web visitors, bound to one fixed role, where everyone sees the same data scope
