AI Agent Management

Integrations

Connect your Docimal agent with third-party platforms and services to extend functionality, sync data, and automate workflows across your tech stack.

Overview

Connect your Docimal agent with third-party platforms and services to extend functionality, sync data, and automate workflows. Integrations enable your agent to send notifications, schedule events, update CRMs, and interact with your existing tech stack.

Pre-Built Integrations

Ready-to-use connectors for popular platforms like Slack, Teams, Discord, Zapier, and more with OAuth or API key authentication.

Secure Authentication

OAuth 2.0, API keys, and webhook secrets are encrypted and stored securely. Credentials are never exposed in logs or responses.

Bi-Directional Sync

Send data from Docimal to external services and receive webhooks from external platforms to trigger workflows and update your agent.

Custom Integrations

Build custom integrations using REST APIs, webhooks, and custom actions to connect with any service that has an API.

Integration Dashboard Screenshot

Pro Tip: Start with OAuth integrations for popular platforms like Slack and Teams for quick setup. Use API keys for services that require more control. Custom webhooks are perfect for internal tools or custom applications.

Available Integrations

Docimal supports a wide range of integrations across communication, automation, CRM, and productivity platforms. Each integration has specific capabilities and authentication requirements.

Communication Platforms

Slack

OAuth 2.0 • Messaging & Notifications

Send notifications to Slack channels, post messages, and receive commands from users. Perfect for team alerts, workflow updates, and support escalations.

Send MessagesFile UploadChannel ManagementSlash Commands

Microsoft Teams

OAuth 2.0 • Messaging & Notifications

Post adaptive cards to Teams channels, send direct messages, and integrate with Microsoft 365. Ideal for enterprise environments using Microsoft ecosystem.

Adaptive CardsChannel PostsDirect MessagesMeeting Notifications

Discord

Bot Token • Messaging & Community

Deploy your agent as a Discord bot, respond to mentions and commands, and post updates to channels. Great for community engagement and gaming platforms.

Bot CommandsEmbedsRole ManagementVoice Channels

Automation & Workflow Tools

Zapier

Webhook • Automation

Connect Docimal to 5,000+ apps via Zapier. Trigger Zaps from conversations, workflow events, and form submissions.

Make (Integromat)

Webhook • Automation

Build advanced workflows with Make's visual automation builder. Send data from Docimal to any connected service.

Business Tools

CRM Platforms

API Key • Customer Data

Sync contacts, leads, and deals with HubSpot, Salesforce, Pipedrive, and other CRMs. Automatically create records from conversations.

Calendar Services

OAuth 2.0 • Scheduling

Integrate with Google Calendar, Outlook, and Calendly. Enable appointment booking, availability checks, and event creation.

Email Services

SMTP / API Key • Communications

Send emails via SendGrid, Mailgun, Postmark, or SMTP. Transactional emails, notifications, and automated follow-ups.

Custom Webhooks

Webhook Secret • Any Service

Send HTTP requests to any endpoint. Perfect for internal APIs, custom applications, and services without native integrations.

Integration Catalog Screenshot

Need more integrations? Request new integrations through the Docimal support portal or use custom webhooks and API actions to connect with any service.

Setting Up Integrations

Follow these steps to connect an integration to your workspace. The setup process varies depending on the authentication method (OAuth, API Key, or Webhook).

General Setup Steps

Navigate to Integrations

Go to your workspace dashboard and select Integrations from the sidebar. Browse the integration catalog to find the service you want to connect.

Select Integration

Click on the integration card to view details, capabilities, and authentication requirements. Review the permissions and scopes that will be requested.

Configure Credentials

For OAuth integrations, click Connect and authorize Docimal to access your account. For API key integrations, enter your API key, secret, or token in the configuration form.

Test Connection

Use the Test Connection button to verify that your credentials are valid and Docimal can communicate with the service. Check for any errors or permission issues.

Use in Workflows

Once connected, the integration becomes available in your workflow actions. Select the integration when creating actions like "Send Slack Message" or "Create CRM Contact."

Integration Setup Flow Screenshot

Connection Management: You can create multiple connections for the same integration (e.g., different Slack workspaces). Each connection has a unique name and can be selected individually in workflows.

OAuth Integrations

OAuth 2.0 provides secure, token-based authentication that doesn't require sharing passwords. Popular platforms like Slack, Teams, Google, and Microsoft use OAuth for third-party access.

OAuth Setup Process

Authorization Flow

User consent and token exchange

1. Authorization Request: Docimal redirects you to the service's authorization page

2. User Consent: You review and grant permissions to Docimal

3. Token Exchange: Service returns an authorization code to Docimal

4. Access Token: Docimal exchanges the code for an access token

5. Connection Active: Token is stored securely and used for API requests

Token Management

Automatic refresh and security

Automatic Refresh: Access tokens are automatically refreshed before expiration

Secure Storage: Tokens are encrypted at rest using AES-256 encryption

Revocation: Delete a connection to revoke access and invalidate tokens

Expiration Alerts: Receive notifications when tokens expire or fail to refresh

Workspace OAuth Apps

Custom OAuth credentials for enterprise

Custom Client ID: Use your own OAuth app for full control and branding

Enterprise Plans: Available for Pro and Enterprise workspaces

Setup: Register an OAuth app with the service, then configure Client ID and Client Secret in Docimal

Benefits: Higher rate limits, custom redirect URIs, and organization-wide access

OAuth Flow Diagram Screenshot

OAuth Scopes: Each integration requests specific permissions (scopes). Review these carefully during authorization to understand what data Docimal will access. You can revoke access anytime from the integration settings.

API Key Integrations

API keys provide direct access to services without OAuth flows. You'll need to generate an API key from the service's settings and enter it in Docimal's integration configuration.

Common API Key Integrations

SendGrid (Email)

•Create API key in SendGrid settings with Mail Send permission
•Copy the generated key (only shown once)
•Paste into Docimal API Key field and test connection

Field: API Key (Bearer token for Authorization header)

OpenAI (Custom Models)

•Generate API key from OpenAI account dashboard
•Configure project and organization IDs if needed
•Test with a simple completion request

Fields: API Key, Organization ID (optional)

HubSpot (CRM)

•Create private app in HubSpot with required scopes
•Copy access token from app settings
•Configure in Docimal and verify contact creation permissions

Field: Access Token (from private app)

Discord (Bot)

•Create bot application in Discord Developer Portal
•Enable message content intent and bot permissions
•Copy bot token and invite bot to your server

Fields: Bot Token, Server ID (Guild ID)

Security Best Practices

•Never share API keys in logs, screenshots, or support messages
•Use scoped keys with minimum required permissions
•Rotate keys regularly and immediately if compromised
•Monitor API usage for unexpected activity

API Key Configuration Screenshot

Webhooks

Webhooks enable real-time, event-driven communication between Docimal and external services. Send data to external endpoints or receive events from external platforms to trigger workflows.

Outgoing Webhooks

Send HTTP POST requests from Docimal to external endpoints when events occur or workflows trigger custom actions.

✓Custom payload with conversation data
✓Configurable headers and authentication
✓Retry logic with exponential backoff
✓Response validation and error handling

Incoming Webhooks

Receive HTTP requests from external services to trigger workflows, update data, or send messages to your agent.

✓Unique webhook URL for each connection
✓Signature verification for security
✓JSON and form data support
✓Automatic workflow triggering

Webhook Configuration Example

json

{
  "url": "https://api.yourservice.com/webhooks/docimal",
  "method": "POST",
  "headers": {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
  },
  "body": {
    "event": "conversation.completed",
    "conversationId": "{{conversation.id}}",
    "userId": "{{user.id}}",
    "userEmail": "{{user.email}}",
    "messages": "{{conversation.messages}}",
    "timestamp": "{{timestamp}}"
  }
}

Webhook Configuration Screenshot

Testing Webhooks: Use tools like webhook.site or ngrok to test incoming webhooks locally. For outgoing webhooks, check the delivery logs in Docimal to debug failed requests and inspect payloads.

Custom Integrations

Build custom integrations using Docimal's custom action system and REST APIs. Perfect for internal tools, legacy systems, or services without pre-built connectors.

Custom HTTP Actions

Create workflow actions that make HTTP requests to any API. Configure method, headers, body, and response handling with JavaScript transformations.

Database Queries

Execute SQL queries against external databases using secure connection strings. Perfect for retrieving or updating records in real-time.

GraphQL Support

Make GraphQL queries and mutations to modern APIs. Define queries with variables and handle complex response structures.

JavaScript Functions

Write custom JavaScript code to process data, transform responses, and implement complex business logic within workflows.

Example: Custom API Integration

javascript

// Custom action to check inventory and create order
async function createOrder(userId, productId, quantity) {
  // Check inventory
  const inventory = await fetch(`https://api.yourstore.com/inventory/${productId}`, {
    headers: { 'Authorization': 'Bearer YOUR_API_KEY' }
  }).then(r => r.json());

  if (inventory.stock < quantity) {
    return { success: false, message: 'Insufficient stock' };
  }

  // Create order
  const order = await fetch('https://api.yourstore.com/orders', {
    method: 'POST',
    headers: {
      'Authorization': 'Bearer YOUR_API_KEY',
      'Content-Type': 'application/json'
    },
    body: JSON.stringify({ userId, productId, quantity })
  }).then(r => r.json());

  return {
    success: true,
    orderId: order.id,
    total: order.total,
    estimatedDelivery: order.deliveryDate
  };
}

Custom Action Editor Screenshot

Token Strategies

When a workflow makes an HTTP request to an external API, it needs authentication credentials. Docimal supports three strategies for resolving which token to use, depending on your use case.

Service Account (default)

One shared token per workspace. The admin configures credentials once, and all workflow executions use the same connection token. Best for bot tokens, API keys, and shared service accounts.

Examples: Slack Bot Token, SendGrid API Key, Twilio, shared CRM account

Per-User OAuth

Each user authorizes their own account with the external service. When a workflow runs, it uses the token of the user who triggered it. Actions are attributed to the actual user, not a shared account.

Examples: Jira (each employee creates tickets as themselves), Google Workspace, Salesforce

How it works: Admin sets up OAuth app credentials (clientId/clientSecret) → Each user goes to My Integrations and clicks “Connect” → User is redirected to OAuth consent screen → Personal token is saved and used in workflows.

Token Passthrough

The token is passed from the embedding application at the time the chat session is initialized. This is ideal for enterprises that embed the Docimal chatbot inside their own web portal where users are already authenticated.

Examples: Internal ERP/CRM systems, custom enterprise portals, internal ordering systems

javascript

// Embed code in the enterprise's web application
DocimalChat.init({
  chatbotId: 'your-chatbot-id',
  tenantId: 'your-tenant-id',
  userId: currentUser.id,
  userName: currentUser.name,
  metadata: {
    // Pass the user's internal API token
    apiToken: currentUser.internalApiToken,
    employeeId: currentUser.employeeId,
    department: currentUser.department,
  },
});

Then in the HTTP Request card, reference the token using variable interpolation:

json

{
  "headers": {
    "Authorization": "Bearer {{user.metadata.apiToken}}"
  },
  "body": {
    "employeeId": "{{user.metadata.employeeId}}",
    "department": "{{user.metadata.department}}"
  }
}

The metadata object is fully flexible — your enterprise decides what to pass. Any key you include is accessible in workflows as {{user.metadata.keyName}}. Sensitive fields (containing “token”, “secret”, “password”) are automatically encrypted at rest.

Choosing a Strategy

Question	Service Account	Per-User OAuth	Passthrough
Who provides the token?	Admin	Each user	Embed code
User identity preserved?	No (shared)	Yes	Yes
OAuth required?	Optional	Yes	No
Best for	Bots, notifications	SaaS integrations	Internal APIs

Best Practices

Follow these recommendations to build reliable, secure, and maintainable integrations with Docimal.

Use Environment-Specific Credentials

Maintain separate API keys and OAuth apps for development, staging, and production environments. Never use production credentials in test environments to prevent accidental data modifications.

Handle Rate Limits Gracefully

Monitor API rate limits and implement retry logic with exponential backoff. Cache frequently accessed data and batch requests when possible. Configure workflow delays to stay within service limits.

Validate Webhook Signatures

Always verify webhook signatures to prevent unauthorized requests and replay attacks. Use the provided webhook secret to validate HMAC signatures and check timestamp freshness.

Monitor Integration Health

Regularly review integration logs, error rates, and response times in the Docimal dashboard. Set up alerts for failed connections, expired tokens, and rate limit violations.

Document Custom Integrations

Add clear descriptions, code comments, and documentation for custom webhooks and actions. Include credential setup instructions, API endpoint details, and expected response formats for team members.

Test Before Production

Use the test connection feature and workflow playground to verify integrations before deploying to production. Test error scenarios, rate limiting, and edge cases to ensure reliability.

Workflows Memory