Integrations
The third-party services Teleperson talks to — what they do, where their credentials live, and how they're isolated.
Teleperson integrates with several third-party services. Each has a focused job and a well-defined trust boundary. Credentials always live on the backend (Edge Function environment variables); the extension never holds a third-party secret.
Anthropic Claude
What it does: Powers the AI Company Overview, Ask AI, Similar companies, the Chat Co-pilot drafting loop, and the binding-action classifier inside the co-pilot.
Where the key lives: Server-side as ANTHROPIC_API_KEY in Edge
Function environment variables. There's an optional BYO API key mode
for power users — they paste their own Anthropic key into admin settings
and Ask AI calls go directly from the extension to Anthropic, bypassing
the Teleperson backend.
What's cached: Company-level overviews are cached once across all users. Per-user Ask AI calls aren't cached.
Stripe
What it does: Subscription billing for Teleperson itself — Pro and Enterprise upgrades, the Stripe Account tab that surfaces invoices, and webhook-driven plan transitions.
Where the key lives: STRIPE_SECRET_KEY server-side. Payment Links
(public URLs) are configured in Billing settings and
can be safely embedded.
PCI scope: Card data never touches Teleperson. Stripe handles the
Payment Link checkout and Customer Portal flows. We see Stripe IDs
(cus_…, sub_…, in_…) and statuses; never raw cards.
Plaid
What it does: Bank/card linking for the Purchases tab. Surfaces transactions, account types, and balance summaries.
Where the key lives: PLAID_CLIENT_ID and PLAID_SECRET server-side.
The extension uses Plaid Link directly with a public link token; the
public token gets exchanged for an access token in an Edge Function, and
the access token is encrypted with AES-256-GCM before going to Postgres.
Credential boundary: Bank usernames and passwords go directly to Plaid in the Plaid Link UI. Teleperson never sees them.
ElevenLabs Conversational AI
What it does: Powers the Voice Concierge — a real-time WebRTC voice agent.
Where the key lives: Optional ELEVENLABS_API_KEY configured in the
Voice AI admin tab. Public agents work without an
API key; private agents require one.
Isolation: Runs inside a sandboxed iframe to keep the rest of the extension under a strict CSP.
Vapi
What it does: Alternate voice provider, enabled when configured. Same sandboxed isolation as ElevenLabs.
Where the key lives: VAPI_API_KEY admin-configured.
Twilio Voice
What it does: Optional in-app VOIP for Premium users — see Twilio config.
Where the key lives: Twilio Account SID + Auth Token live on a serverless token endpoint you operate, not in the extension. The extension fetches short-lived access tokens from your endpoint as needed.
Stock data — Polygon.io / Alpha Vantage / Massive
What they do: Public-company stock data and SEC filings, surfaced in the Public Company Card when the current company is a publicly-traded ticker.
Where the keys live: Server-side, in Edge Function env vars. The extension calls a Teleperson Edge Function which routes to the configured provider.
Provider failover: If Polygon.io is rate-limited, the function falls back to Alpha Vantage, then Massive. The extension sees a unified response shape regardless of which provider answered.
Supabase
Not technically a "third-party integration" since it's our backend, but
worth noting: every other integration above is mediated by Supabase
Postgres + Edge Functions. The extension talks to one origin
(<your-tenant>.supabase.co) plus api.anthropic.com (BYO mode only)
plus the configured voice provider's WebRTC endpoint. That's the entire
egress surface.
Related
- System overview → — the three-tier architecture all integrations plug into.
- Security & privacy → — how credentials are isolated.