FFriday · Docs
Open dashboard →
Configure

Action policy

Friday can take actions on the page — clicks, scrolls, form-fills, navigations, external links. The action policy is how you say which of these are allowed, and whether the visitor has to confirm first.

You set it in the dashboard at Agent → Actions.

Per-kind permissions

Each action kind has one of three modes:

  • auto — Friday does it immediately, no confirmation. The action shows up in the audit log either way.
  • confirm — Friday shows a small confirm bubble next to the target and waits for the visitor to click "Do it" before proceeding.
  • off — Friday won't do this kind of action. She can still describe what to do.

The kinds:

  • navigation — moving to another page on your site.
  • click — clicking buttons / links / tabs / accordions.
  • scroll — scrolling to a section.
  • form-fill — typing into form fields. Has its own submit flag — even if form-fill is auto, submission can require confirm.
  • external-link — opening links that leave your domain. Usually safest as confirm.
A reasonable default: navigation / click / scroll on auto, form-fill on confirm (with submit always confirm), external-link on confirm.

Allow / Deny / Confirm rules

Per-kind modes are the broad strokes. For fine-grained control, add URL regex rules:

  • Allow — force auto for matching URLs, even if the kind is otherwise confirm.
  • Deny — block matching URLs entirely, even if the kind is auto.
  • Confirm — force confirm for matching URLs.

Examples

  • Deny everything under /admin: rule type Deny, regex ^/admin(/|$).
  • Always confirm before a checkout link: Confirm, regex /checkout.
  • Auto-click your "Book a demo" CTA but confirm everything else: Allow, regex data-action="book-demo" on a click kind set to confirm.

How the rules combine

Evaluation order, first match wins:

  • 1. Deny rules — if any match, the action is blocked.
  • 2. Confirm rules — if any match, force confirm.
  • 3. Allow rules — if any match, force auto.
  • 4. Otherwise: fall back to the per-kind mode.

Audit log

Every action — successful, denied, confirmed, auto — is recorded with the visitor session ID, target selector, URL, and outcome. You see it in Dashboard → Actions. Use it to spot misfires and tighten your rules.