Prelaunch checklist
Before going live, consult this checklist as a simple resource to ensure you are ready for a successful launch.
Prelaunch configuration
Create verifications when users start the flow
Call verification creation endpoints (for example Perform access age verification) only after the user takes an action to begin verification. Don't pre-generate verifications or widget URLs for flows they might never start. See Best practices for more detail.
-
Product Configuration (in the Compliance Studio)
- Product details and branding configured
- Permissions properly mapped to game features (when applicable) in Permissions configuration
- Verification methods selected and configured
- Target origins properly configured for both test and production
-
API Integration
- Widget URLs generated correctly for all flows
- Event handlers implemented for all widget types
- Error handling implemented
- Fallback flows defined for edge cases
Security validation
-
Proper Environment Mapping
- Test API key calling test endpoints
- Live API key calling live endpoints
-
Origin Validation
- Event origin validation implemented
- Target origins configured in the Compliance Studio
- CSP headers configured if applicable
-
iframe Security
- Appropriate
allowpermissions set - Sandbox attributes reviewed
- No sensitive data in URL parameters
- Appropriate
Final validation
-
End-to-End Testing
- Complete user journeys tested
- Trusted Adult experience validated
- Session management working correctly
- Permission updates reflected in game
-
Compliance Verification
- Legal review completed
- Compliance Engine up-to-date
- Privacy policy updated
- Data handling procedures verified
- Audit trail capabilities confirmed
Once all checklist items are completed, you're ready to publish your configuration to the live environment and begin serving real users with the CDK.