Integrations

Connecting your own AI agent

Plug a custom AI agent (LangChain app, in-house model, custom GPT pipeline) into the SalesLobe reply loop - with governance, human review, and a full audit trail built in.

SalesLobe ships with Corty, our built-in AI. But if you’ve built your own agent, you can plug it straight into the reply loop instead:

  1. Fetch - SalesLobe pushes every new lead reply to your webhook endpoint.
  2. Decide - your agent reads the full thread and writes the response.
  3. Send - your agent posts the response back through the SalesLobe API.

SalesLobe stays in control of what actually goes out. Every send attempt from your agent is logged, and until your agent has earned autonomy, every draft goes through your team’s review queue first. Nothing reaches a lead without a human saying yes.

Available on Pro and Agency plans (API access). Full endpoint reference, payloads, and code samples live at docs.saleslobe.com under “External AI agents: fetch, decide, send - governed”.

Step 1 - Create an API key with exactly three scopes

Go to Settings -> Connections -> API Keys and generate a key with only these scopes:

ScopeWhy your agent needs it
leads.readFetch the full reply and conversation thread
replies.sendSubmit your agent’s response
webhooks.manageRegister your webhook endpoint

Don’t use a full-access (*) key for an agent integration. If the key ever leaks, the blast radius stays small, and your agent can’t touch anything it doesn’t need. You’ll see the key once - store it as a secret in your agent’s environment.

Step 2 - Register your webhook endpoint

Register the HTTPS endpoint where your agent listens, subscribed to the lead.replied event (add corty.suggested if you want Corty’s draft as a starting point for your agent):

POST /v1/webhooks
Header: X-SalesLobe-Key: <your API key>
Body: { name, url, events: ["lead.replied", "corty.suggested"] }

The response includes an HMAC secret (prefix whsec_) - shown once, store it safely.

Verify every delivery. Each webhook request carries an X-SalesLobe-Signature: sha256=<hex> header - an HMAC SHA-256 of the raw request body, signed with your whsec_ secret. Never process an event without verifying the signature first.

Step 3 - Handle the event and fetch the full reply

When a lead replies, your endpoint receives a lead.replied event containing the lead’s email, the reply_id, and a preview of the reply text.

The reply text in the webhook payload is truncated to 500 characters. Don’t let your agent decide based on the preview - always fetch the full reply and thread first via GET /v1/replies/<reply_id>. This returns the complete reply body plus the full conversation thread.

Step 4 - Send your agent’s response

POST /v1/replies/<reply_id>/send
Header: X-SalesLobe-Key: <your API key>
Body: { "body": "Hey John, great question - here is how that works..." }

If your agent started from a Corty suggestion and edited it, include original_suggestion and edited: true in the request - SalesLobe measures the edit distance and learns from your agent’s adjustments.

What “queued for review” means

A new agent starts at autonomy level 0. At level 0, every send returns HTTP 202 with:

{
  "status": "queued_for_review",
  "reply_id": "...",
  "reason": "no_active_autonomy_grant"
}

This is not an error - it’s the product working as designed. Your agent’s draft landed safely in the SalesLobe inbox, where your team reviews it and approves the send with one click.

A few things your integration should know:

  • Don’t retry a 202. The draft is already queued. Retrying is harmless (the call is idempotent - there’s never more than one pending draft per reply), but it’s not needed.
  • Treat 202 as success-with-pending, not as a failure.
  • Approval happens in the SalesLobe inbox - the same review queue your team already uses for Corty’s suggestions.

How autonomy grows

Autonomy is earned, not assumed. Every send attempt your agent makes is logged - what it wrote, when, and what happened next. As your agent builds a track record, the organization owner can grant it a higher autonomy level. At a sufficient autonomy level, sends go out directly: the same API call returns 200 with "status": "sent" instead of 202. Your code doesn’t change - only the response does.

Build your integration to handle both "sent" and "queued_for_review" from day one, and the transition is seamless.

Where you can see everything your agent did

Open any reply in the SalesLobe inbox and you’ll find the Decision Trail: a chronological log of every action on that reply - your agent’s submissions (labeled External agent - via API, with the API key name), Corty’s suggestions, human approvals, and sends. This is your audit trail - if a client ever asks “who sent this and why,” the answer is one click away.

Pricing

Governance-only sends (your agent supplies the reply text itself) are metered; pricing is being finalized during the partner pilot. The full pipeline - where Corty generates the suggestion via the API - costs 1 credit per suggestion.

Quick checklist

  • API key created with only leads.read, replies.send, webhooks.manage
  • Webhook registered for lead.replied (and optionally corty.suggested)
  • HMAC signature verified on every incoming event
  • Full reply fetched via GET /v1/replies/:id before deciding (webhook preview is truncated at 500 characters)
  • 202 queued_for_review handled as success-with-pending, no retries
  • Both "sent" and "queued_for_review" response paths handled

Questions? Reach out to the team - we’re actively onboarding integration partners.