> ## Documentation Index
> Fetch the complete documentation index at: https://connect-docs.supertab.co/llms.txt
> Use this file to discover all available pages before exploring further.

# Other CDNs

> Manual SDK integration for CDN platforms without a dedicated reference page.

If your CDN is not Fastly, CloudFront, or Cloudflare, use the generic SDK API to build your own integration. The [Deploy in Your CDN](/guides/deploy-cdn) guide covers the general pattern for RSL license serving — adding an origin, routing `/license.xml`, and rewriting the URL. This page focuses on CAP enforcement using the SDK directly.

***

## SDK Setup

```bash theme={null}
npm install @getsupertab/supertab-connect-sdk
```

```javascript theme={null}
import { SupertabConnect } from "@getsupertab/supertab-connect-sdk";

const supertab = new SupertabConnect({
  apiKey: "YOUR_MERCHANT_API_KEY",
});
```

Bot detection is configured at construction time. Pass a `botDetector` function to extend or override the built-in user-agent heuristics:

```javascript theme={null}
const supertab = new SupertabConnect({
  apiKey: "YOUR_MERCHANT_API_KEY",
  botDetector: (request) => {
    const ua = request.headers.get("User-Agent") || "";
    // Add your CDN-specific signals or custom logic here
    return ua.includes("MyBot");
  },
});
```

***

## Option A: `handleRequest` (Recommended)

The `handleRequest` method handles the full lifecycle — bot detection, token extraction, verification, enforcement, and analytics recording — in one call. Pass an optional `ExecutionContext` if your runtime supports background tasks.

```javascript theme={null}
async function handler(request, ctx) {
  return supertab.handleRequest(request, ctx);
}
```

***

## Option B: Manual Verification

For fine-grained control over responses or custom routing, use `verifyAndRecord` directly:

```javascript theme={null}
async function handler(request) {
  // Extract the license token
  const auth = request.headers.get("Authorization") || "";
  const token = auth.startsWith("License ") ? auth.slice(8) : "";

  const LICENSE_URL = "https://yourdomain.com/license.xml";

  if (!token) {
    return new Response("License token required", {
      status: 401,
      headers: {
        "WWW-Authenticate": `License error="invalid_request"`,
        Link: `<${LICENSE_URL}>; rel="license"; type="application/rsl+xml"`,
      },
    });
  }

  const result = await supertab.verifyAndRecord({
    token,
    resourceUrl: request.url,
    userAgent: request.headers.get("User-Agent"),
  });

  if (!result.valid) {
    return new Response(`Access denied: ${result.error}`, {
      status: 401,
      headers: {
        "WWW-Authenticate": `License error="${result.reason}"`,
        Link: `<${LICENSE_URL}>; rel="license"; type="application/rsl+xml"`,
      },
    });
  }

  return fetch(request);
}
```

The `WWW-Authenticate` and `Link` headers in the 401 responses follow the CAP specification and tell the crawler where to obtain a license.

***

## Related Docs

<CardGroup cols={2}>
  <Card title="Deploy in Your CDN" icon="shield" href="/guides/deploy-cdn">
    General deployment guide covering RSL serving, CAP, and robots.txt.
  </Card>

  <Card title="SDK Overview" icon="code" href="/reference/sdk">
    Full API reference for all SDK methods across languages.
  </Card>
</CardGroup>
