Skip to main content


If youre having trouble setting up the SDK, read on!

Common issues


The recordSDK won’t work unless it is using a valid API key and is running against a domain that has been whitelisted for that key. For example, if your website’s domain is “” and your API key does not have “” added as a domain, clicking the element the SDK is tied to won’t work and you’ll see an error in the console.

Timed out loading sdk

If you want to develop against localhost, use the sandbox API key that’s automatically created when you set up your developer account.

Check out our Loom explanation for more information on how to fix.

Missing UI

In some contexts like Shopify apps, the iframe that loads the SDK can be hidden. You can fix it by manually applying the style

div#loom-sdk-record-overlay-shadow-root-id {
display: block !important;


The following error message occurs when the referer header is missing in SDK requests:

Refused to display '' in a frame because it set 'X-Frame-Options' to 'deny'

Ensure the referer header is present with the value set to the origin of the page (this should match one of the domains associated with your application). Adding the following meta tag to your HTML template is one way to resolve this issue:

<meta name="referrer" content="origin">

Content-Scurity-policy (CSP)

# Example 1:
Refused to frame '' because it violates the following Content Security Policy directive...
# Example 2:
Content Security Policy: The page’s settings blocked the loading of a resource

When an error message like the above appears, it's likely that the CSP needs to be updated. See the documentation & examples on what needs to be added to the content-security-policy