How is my data secured?

We use bank-grade encryption (AES-256) for data at rest and TLS 1.3 for data in transit. Your content is isolated in your own Supabase project environment.

Can I customize the look and feel?

Yes. You can fully customize the widget colors, launcher icon, welcome messages, and suggested prompts to match your brand guidelines.

What happens if the AI doesn't know the answer?

The AI will honestly state it doesn't know and can be configured to suggest contacting human support or searching specific help articles.

Do you offer higher-volume plans?

Yes. If you expect lots of conversations, reach out and we'll help you choose a plan that fits your business.

API and Integrations

Resly provides flexible APIs and integrations to work with your existing tools. Use the AI in your own applications, connect to third-party services, and customize your support workflow.

Chat API

Use Resly’s AI directly in your own applications without the widget.

API Key Management

Generate and manage API keys in the Install & Integrate → API view:

Navigate to Admin → Deploy → API
Find API Keys section
Click Generate New Key
Copy and secure the key
Use in API requests

Security: Store API keys securely (environment variables, secrets manager). Never commit keys to version control or expose them in client-side code.

Key Rotation

Rotate keys anytime for security:

Generate new key in the API view
Update applications with new key
Test that new key works
Delete old key when ready

No downtime when updating—both keys work during transition period.

Using the Chat API

Authentication

Include your API key in request headers:


Authorization: Bearer YOUR_API_KEY

Send Message

Endpoint: POST /api/chat

Request body:


{
  "messages": [
    { "role": "system", "content": "You are Resly Agent for ACME. Answer with citations." },
    { "role": "user", "content": "How do I reset my password?" }
  ],
  "conversationId": "optional-conversation-id",
  "visitorId": "optional-user-id-or-session"
}

messages must include the full conversation so far (same structure as the widget).
conversationId lets you continue the same conversation across requests.
visitorId helps associate sessions with analytics/usage.

Response:

The endpoint streams a text response (the same format the widget consumes). Read from response.body to display tokens as they arrive. When the stream finishes you’ll receive headers such as X-Conversation-Id and X-Citations with the final metadata.


const res = await fetch('/api/chat', {
  method: 'POST',
  headers: {
    'Content-Type': 'application/json',
    Authorization: `Bearer ${process.env.RESLY_API_KEY}`,
  },
  body: JSON.stringify({ messages }),
});
 
const reader = res.body?.getReader();
let fullText = '';
while (reader) {
  const { value, done } = await reader.read();
  if (done) break;
  const chunk = new TextDecoder().decode(value);
  fullText += chunk;
  // stream chunk to UI
}
const citations = res.headers.get('X-Citations');

Need JSON instead of a streaming response? Wrap your own API route around /api/chat to buffer the stream and return a single payload.

Integration Marketplace

Connect Resly to external APIs so the AI can fetch or update live data.

Available Templates Today

The template registry currently ships with the following connector templates:

Shopify – look up orders or products from your store
Stripe – retrieve customer or subscription info before responding
Gmail – send notification or follow-up emails through your workspace account

You can also create custom connectors by describing the HTTP request (URL, method, headers, body, parameters) and the response mapping. The AI will call those connectors via the tooling system whenever your workflow triggers them.

Need Zendesk, Freshdesk, HubSpot, WooCommerce, Slack, or another provider? Those templates aren’t bundled yet, but you can build them yourself as custom connectors or work with us on an Enterprise engagement.

Setting Up Integrations

Installation Process

Navigate to Admin → Connectors
Browse available integrations
Select the integration you need
Click Install/Configure
Authenticate using:
- OAuth 2.0 (recommended)
- API key
- Username/password
Configure integration settings
Test connection
Enable for production

Security

All integrations use secure authentication:

OAuth 2.0 for supported services
API keys encrypted at rest
Credentials never logged or exposed
Connections validated regularly
Revocable anytime

Review integration permissions carefully. Only grant access to necessary resources.

Custom Integrations

REST API access via Supabase

Resly’s public API surface currently consists of the Chat endpoint plus the connectors you configure. For everything else (tickets, knowledge sources, analytics) you can read and write directly via Supabase using SQL or the REST API that Supabase generates for each table.

Common Use Cases

Embed in Mobile App

Use the Chat API to power in-app support (Swift example using the same /api/chat endpoint):


func sendMessage(_ history: [[String: String]]) async throws -> String {
    guard let url = URL(string: "https://yourdomain.com/api/chat") else { return "" }
    var request = URLRequest(url: url)
    request.httpMethod = "POST"
    request.setValue("application/json", forHTTPHeaderField: "Content-Type")
    request.setValue("Bearer \(API_KEY)", forHTTPHeaderField: "Authorization")
    request.httpBody = try JSONSerialization.data(withJSONObject: ["messages": history])
 
    let (stream, _) = try await URLSession.shared.bytes(for: request)
    var fullText = ""
    for try await line in stream.lines {
        fullText += line
        // update UI incrementally
    }
    return fullText
}

Sync to CRM

Use a connector to call your CRM’s REST API directly from the conversation (e.g., hit /api/accounts/:id via call_connector)
Or sync conversations/tickets out of Supabase using a periodic job or ETL tool

Custom Dashboard

Connect your BI tool (Mode, Metabase, Tableau, etc.) to Supabase to query conversations, tickets, or billing_events
Alternatively, query Supabase via its REST interface and feed the data into your internal dashboards

Usage Tracking

Messages: increment each time a chat or search query hits the API
Embeddings: increment when you ingest new content
Connectors: increment when you call call_connector

View current totals in Admin → Account → Billing. The UI highlights 70%/90% thresholds so you can upgrade before hitting the hard cap. API responses return 429 if you exceed the plan limit.

Best Practices

API Integration

Store keys securely in environment variables
Implement retry logic with exponential backoff
Handle errors gracefully - API may be temporarily unavailable
Cache responses when appropriate to reduce API calls
Monitor usage to stay within rate limits

Integration Management

Test thoroughly in sandbox mode before production
Monitor integration health regularly
Review logs for failed operations
Update credentials before they expire
Document custom integrations for team reference

Troubleshooting

Authentication Errors

401 Unauthorized:

Check API key is correct
Verify key hasn’t been deleted
Ensure Bearer prefix is included

403 Forbidden:

API key lacks necessary permissions
Organization subscription expired
Endpoint not available on your plan

Rate Limiting

429 Too Many Requests:

Implement exponential backoff
Reduce request frequency
Upgrade plan for higher limits
Cache responses where possible

Integration Issues

Connection Failed:

Re-authenticate the integration
Check service credentials are valid
Verify network connectivity
Review service status page

Check Admin → Integrations → Logs for detailed error messages and debugging information.

Next Steps

Deploy chat widget for embedded support
Deploy search for knowledge base lookups
Configure workflows with integrations
Monitor usage and performance
Review this API guide whenever you need the latest payload format