The segment you couldn't build before
"Users who hit a JavaScript error in the last 30 days but haven't converted yet."
That's a segment every product team wants and almost none of them have. Building it from scratch requires instrumenting window.onerror, sanitizing whatever ends up in error messages before it hits your analytics warehouse, rolling dedup logic, wiring up consent gates, and getting engineering time to ship and maintain the whole thing. Most teams quietly skip it and keep flying blind — which means frustrated users leave without ever opening a support ticket, and product teams never see the correlation.
Onboardics captures this for you automatically, the moment the snippet loads. No instrumentation, no engineering ticket, no schema. Pair it with an audience segment and you can run a targeted modal — "Hit a snag? Our team is on standby" — to exactly the users sliding toward frustration churn.
How it works
Hooks two browser events
The snippet installs window.addEventListener('error', ...) and window.addEventListener('unhandledrejection', ...). Uses addEventListener rather than assignment, so your own error handlers keep working alongside it.
Redacts PII in-browser
Nine regex patterns strip Bearer tokens, API keys, query-string secrets, emails, UUIDs, long numeric IDs, credit-card-like sequences, phone numbers, and file paths. The redaction runs before the event is queued — nothing sensitive leaves the browser.
Deduplicated, capped, emitted
Errors are deduped on message + file + line + column (so a repeating error doesn't spam your events table) and capped at 10 per session. Everything else flows through the same /api/events pipeline as your clicks and page views.
Segments this unlocks
- Users who hit an error before converting: fired a
js_errorevent earlier in the session but haven't reached the activation milestone. Target with a modal: "Hit a snag? Our team is on standby." - Errors on the checkout page:
js_errorwherepage === /checkout. AI Insights will surface these as a funnel anomaly without you needing to go looking. - Repeat error victims: users who've hit
js_erroron more than 2 distinct sessions. Different from a one-off browser extension conflict — these users are genuinely blocked. - Errors by device type: cross-reference
js_errorwithdevice_typemetadata (captured automatically on every page view). Catches mobile-only bugs before your mobile NPS drops.
What gets redacted
Every error message and stack trace passes through a 9-pattern chain before the event is queued. The redaction runs in-browser, so redacted values never cross the wire.
| Pattern | Matches | Replaced with |
|---|---|---|
| Bearer tokens | Bearer eyJ... | [TOKEN] |
| Provider API keys | sk_live_*, pk_*, AKIA*, AIza*, ghp_* | [KEY] |
| Query-string secrets | ?token=, ?api_key=, ?auth=, ?password= | ?[PARAM]=[REDACTED] |
| Email addresses | Any name@domain.tld | [EMAIL] |
| UUIDs | Standard v1-v5 UUID formats | [UUID] |
| Long numeric IDs | 9+ consecutive digits in URLs or messages | [ID] |
| Credit-card-like sequences | 13-19 digit sequences (optionally with dashes/spaces) | [CC] |
| Phone numbers | E.164 + common US formats | [PHONE] |
| Home-directory paths | /Users/<name>, /home/<name> | /Users/[USER] |
Patterns are ordered most-specific first so tokens aren't mis-classified as generic IDs. The full regex chain lives in ERROR_REDACTORS inside v1.js — it's not obfuscated, you can audit it.
Default on, one-line opt-out
Error capture is on by default because the value of the pre-support-ticket signal far outweighs the noise. If your compliance posture requires it off, disable it in one line:
window.__onboardics.setErrorCapture(false);The preference persists to localStorage so it survives reloads. Setting it back to true re-enables capture. Consent gating also applies: if setConsent(false) was called (or Termly auto-detection reads declined consent), error events are dropped along with everything else.
What errors look like in your dashboard
Error events show up on the Events page with event_type = js_error and the following metadata:
message— the redacted error messagefile— source file (redacted for home-directory paths)lineno,colno— line and column numbersstack— full stack trace, redactedkind—errororunhandledrejection
AI Insights picks up a spike in error events as an anomaly and surfaces it on the Events Anomaly card without being asked. CSV export works the same way as every other event type.
Pricing
Automatic JS error capture is available on all tiers including Free. It's part of the tracking snippet — no plan-gate, no enterprise add-on, nothing to turn on. Install /v1.js and the signal starts flowing in.