Meet your users where they’re at. In-product prompts allow you to ask for in-the-moment feedback using a popover on your website that links to your maze.
In this article:
- Who can use this feature?
- Connect your website to Maze
- Current limitations
- Create an in-app prompt
- Previewing your prompt
- Check the status of your prompt
- Edit a prompt or remove it from your website
- Security and performance FAQs
Who can use this feature?
Prompts are available for all plans.
There are currently no role restrictions for who can create an in-product prompt.
Connect your website to Maze
Before enabling Maze Prompts on your live website for the first time, you’ll need to install a tracking code that enables this feature to run on your website.
Learn how to install the Maze snippet on your website
- Mazes can't be answered directly within your website. The prompt is a popover on your website that links to your maze on a separate tab.
You can set up a redirect on the Thank You screen to send users back to your website once they've completed the maze. Learn more about setting up URL redirects at the end of a test
- It isn't currently possible to preview the popover directly on your website before publishing it. However, the prompt editor will display a preview of how the popover will look like.
- Prompts are only available for websites. It's not currently possible to set up a prompt on a native mobile app (i.e. iOS or Android).
- The 'Display when' field is not currently editable. All prompts are displayed immediately after the page is loaded; it's not currently possible to set a delay for the prompt.
- It's also not possible at the moment to display the prompt after a certain event is triggered.
If you'd be interested in any of the features listed above, please let us know!
Create an in-product prompt
To add a Maze Prompt to your website, open the Share page for your live maze, and click In-Product Prompt.
This will open the prompt editor, which includes three steps:
You'll be able to come back to the editor and make changes to both content and audience after publishing. Learn more in the section 'Edit an existing prompt'
First, you’ll set up the content of the popover:
- Internal prompt name
- Title (100 characters limit)
- Description (280 characters limit)
- Button/CTA (25 characters limit)
If the character limit is exceeded, you won't be able to move forward.
It isn't currently possible to preview the popover directly on your website before publishing it. However, on the right-hand side of the editor, you'll see a preview of how the popover will look like.
When you’re happy with the content, click Next.
You can customize the button (e.g. to use your brand colors), as well as the position of the prompt on your website.
- Text color
- Background color
- Border radius (px)
- Bottom right
- Bottom left
- Middle right
- Middle left
When you’re happy with the appearance of the prompt, click Next.
Finally, you’ll choose where and to whom the prompt will be displayed.
- Connected website: Select one of the websites you’ve previously connected, or connect a new one.
- Display on: Choose whether you want to display the prompt on every page of the selected website or on specific pages. Learn more about URL patterns
Users: Select All users to show the prompt to every visitor on that page, or Specific users to show it to a specific Amplitude cohort. Learn how to connect Maze to Amplitude
At the moment, it's only possible to target your prompts to specific users through the Amplitude integration. If you'd be interested in an integration with a different tool (e.g. Salesforce, Contentsquare), please share your feedback with our team!
- Device type: Choose on which devices the prompt should be displayed: users visiting your website on desktop, tablet, and/or mobile devices.
Once you’re ready, click Create Prompt. This will make the prompt immediately live on your website. You'll be able to pause it at any time.
Previewing your prompt
It isn't currently possible to preview the popover directly on your website before publishing it. However, the prompt editor will display a preview of how the popover will look like.
To get a better idea of how the prompt will look like, you can also publish it on a staging environment beforehand, or use it on an online code editor such as Glitch or CodePen.
Check the status of your prompt
Every prompt you create will be listed on the Share page.
Click the prompt to see more details.
In this modal, you'll have access to quick actions related to the modal, and to a preview of its content, appearance, and audience.
Click the prompt on the maze Share page to see more details.
At the top of the modal, you'll see quick actions for the prompt: edit the prompt, or stop/restart it.
Edit an existing prompt
At the top of the details panel, under 'Quick actions', click Edit prompt to edit the content, appearance, and audience of the prompt.
This will take you back to the prompt editor.
Pause/restart the prompt on your website
At the top of the details panel, under 'Quick actions', click Pause to disable the prompt on your website.
To make the prompt visible again on your website, click Start.
Can I remove the Maze branding from the prompt?
Users on all plans can create and use prompts. However, removing the Maze branding requires an Organization plan.
Is the prompt automatically localized?
All the text within the popover (title, body, CTA) needs to be manually set. This text is not automatically translated into your tester's browser language.
As a workaround, if the website where the prompt is displayed has different URLs for different languages, you can create multiple prompts targeted at specific URLs, with text in each of the languages you're targeting.
For instance, if you're targeting Spanish-speaking users, set up the content of a prompt in Spanish. Then, when defining the audience, select Specific pages under 'Display on', and enter the specific URL that targets Spanish-speaking users — e.g.
What happens if I set up more than one prompt in the same URL?
Prompts are displayed one at a time in each session.
If you set up multiple prompts on the same URL, the oldest prompt will be displayed first.
Subsequent page reloads (for instance, if the user refreshes or returns to the page after interacting or dismissing the prompt) will display the next prompts, from the oldest until the most recent.
Can I use prompts on password-protected websites?
Yes — prompts will work on a password-protected website, provided that the snippet has been correctly installed, and the tester has been given the password and is able to access the website.
What happens if a prompt is enabled on one specific page, and then added to another?
Prompts are specific to a domain. Once the prompt is live for a domain, testers can interact with it only once. Even if you enable prompts for separate pages, users who clicked the CTA or dismissed the prompt will not see it again.
Security and performance FAQs
Will the Maze script slow down my website?
The Maze script is designed to have a very minimal impact on the performance of your website. It shouldn't take more than a few milliseconds to load, and this shouldn't be noticeable at all to your website users.
The Maze script loads asynchronously. Your website will continue to load while the Maze script is being executed.
This means that, even if the script fails to load (which is unlikely), your website will still continue to render as expected without the script.
The Maze tracking code you install on your website is used to dynamically run a loader that powers the testing on your website. The tracking code is less than 1KB.
The dynamic loader is less than 10KB and only runs in specific circumstances:
- the loader only runs if the API has a valid response;
- the API keys are only valid for each domain you configure;
- the code for either live website testing or the in-product prompt is only triggered if the destination site is opened on a new tab. If this first check is passed, we send a post message to the tab that opened the site, and attach an event listener to wait for the response. The rest of the live website testing code is only triggered if we get the proper response in the first minute. Otherwise, it will have no further impact.
If either of the conditions above is not met, the script is not loaded at all.
Content Delivery Network (CDN)
The dynamic loader is served by a Content Delivery Network (CDN).
A CDN is a distributed network of servers that delivers content based on a user's geographic location. It does this by storing copies of the content on servers located in different places around the world. When someone visits a website using a CDN, the content is delivered to their device from the server closest to them, reducing the distance it needs to travel and making it load faster.
Using a CDN allows us to serve the loader faster, more reliably, securely, and with reduced data usage.
The script uses session-based caching. The script is loaded only once, even when the user navigates through multiple pages.
Content Security Policy (CSP) directives
A Content Security Policy (CSP) is a security feature that helps protect websites from security threats and vulnerabilities. It does this by specifying the type of content (e.g. scripts, images, videos) that can be loaded on a website, and from which sources they can be loaded. This helps mitigate certain types of malicious attacks, such as cross-site scripting (XSS), clickjacking, and data injection attacks.
If you have a CSP implemented, you'll need to add a directive that allows files to be loaded from Maze in order to allow the Maze script to work on your website.
Default: If using a default CSP, we recommend adding the Maze domain as a trusted source in the default-src rules:
Stricter: If your organization requires stricter restrictions, we recommend the settings below:
script-src https://*.maze.co/ font-src https://*.maze.co/ style-src https://*.maze.co/ connect-src https://*.maze.co/ img-src https://*.maze.co/ style-src https://*.maze.co/
Strictest: If your CSP requires additional granularity, the following are the minimum rules required for the Maze script to work. Please note that this list is subject to change as this feature evolves. In that case, you'll need to update your CSP directives so that the snippet can continue to work.
script-src https://snippet.maze.co/ font-src https://snippet.maze.co/ style-src https://snippet.maze.co/ img-src https://snippet.maze.co/ style-src https://snippet.maze.co/ connect-src https://api.maze.co/ https://prompts.maze.co/
What measures are in place to ensure the security of the script?
Any changes to the script are subject to Maze’s change control policy.
Access to code changes is restricted to authorized employees only. All changes must go through code review and testing before deployment.
The script is hosted as part of our general platform infrastructure, with access restricted to authorized employees.
To learn more about the steps Maze takes to keep your data safe, please check out maze.co/security and compliance.maze.co.
Is the script open-source?
The Maze tracking script is closed-source. By keeping the source code closed, Maze controls how the script is developed and distributed.
What data does Maze collect from my testers?
Still need help?
If you have any questions or concerns, please let our Support team know — we'll be happy to help!