An Interactive Token is basically a web page. You can use any technology you would use on the web and package it into a ZIP file. When packaging the files, make sure that the top level contains a file named index.html. A token zip might look like this for example:

.
├── index.html (mandatory)
├── style.css
├── index.js
├── js/
|   ├── lib1.js
|   └── lib2.js
└── styles/
    ├── style1.css
    └── style2.css

Make sure that all files are referenced relatively: (js/lib1.js and not /js/lib1.js). Also make sure you don't reference any external files or make external requests. These will all be blocked. If you're relying on third-party resources such as p5.js, please make sure you bundle them into your project and that it doesn't rely on any third-party references.

Presentation

Once the token is minted, it will run in a sandboxed iframe environment directly on objkt.com.

Allow features

The following permissions are enabled in the iFrame allow attribute:

accelerometer; camera; gyroscope; microphone; xr-spatial-tracking; midi;

Sandbox

By default, the iframe running your token is sandboxed with the following properties using the sandbox attribute:

allow-scripts allow-downloads

If the user enables Advanced Mode the allow-same-origin property will be added to the sandbox attribute:

allow-scripts allow-downloads allow-same-origin

Advanced Mode

Users have the option to enable Advanced Mode which adds the allow-same-origin property to the iFrame sandbox attribute (see above). The setting can be enabled and disabled globally in the user settings:

Or on a per-token basis directly in the token Properties tab: