Connect Your Agent to FlowGrid.
Keep Humans in the Approval Loop.
FlowGrid BYOA is built for secure, tokenized workflows: signed webhook ingestion, least-privilege API keys, and draft-first operations for outbound actions.
What You Can Do Right Now
Here is what your AI agent can safely do in FlowGrid right now.
Your Agent Can Take Helpful Actions
You choose exactly what your agent is allowed to do, so it can help without having full access to everything.
- Draft emails for you to review
- Update deals and add notes when allowed
- Blocked actions are clearly explained
Secure Agent Connection
FlowGrid and your agent exchange signed requests so your workflow stays protected and reliable.
- Every request is verified as authentic
- Duplicate or replayed requests are blocked
- Safe retries prevent duplicate actions
Human Review Before Sending
In v1, your agent can prepare messages, but a person stays in control of what gets sent.
- Draft-only mode is supported
- Manual approval mode is supported
- Automatic sending is not enabled in v1
How BYOA Works
Three simple steps to get started safely
Create a Private Key
Create a secure key for your agent and choose what it is allowed to do.
Connect Your Agent
Link FlowGrid to your agent so updates can flow between them securely in real time.
Review Before Anything Sends
Your agent prepares drafts, and your team approves what goes out.
Powerful BYOA Use Cases
These are practical ways teams use AI agents with FlowGrid today.
AI Follow-Up Draft Queue
Agent creates prepared follow-up drafts linked to contacts or organizations. Team reviews in queue, then sends.
POST /api/v1/agent/operations (operation: prepareEmail)Pipeline Progress Automation
Agent evaluates context and proposes/executes stage changes through a scoped updateDeal operation.
POST /api/v1/agent/operations (operation: updateDeal)Structured Activity Notes
Agent appends normalized notes to contact or organization records without broad write access.
POST /api/v1/agent/operations (operation: addNote)Webhook-Driven Agent Loop
FlowGrid sends tokenized/redacted context to your agent webhook. Agent returns tokenized actions for workflow processing.
POST /api/v1/automations/webhooks/:tokenSecurity Controls in the Current BYOA Contract
Authentication + Replay Protection
- Signed HMAC payloads with timestamp + nonce canonicalization
- Single-use nonce enforcement inside replay window
- Idempotency key support for safe retry behavior
Policy + Data Boundary
- Operation scope + object scope checked on each request
- Tokenized/redacted workflow model for external agents
- Policy-denied auto-send in v1 to prevent autonomous outbound sends
Allowed in v1
- Draft email workflows with review queue
- Manual approval mode for outbound messages
- Scoped deal updates and note creation
Not allowed in v1
- ×Auto-send without human approval
- ×Plaintext substitution map uploads from external agents
- ×Wildcard key scope usage as a recommended integration pattern
Launch BYOA With Clear Guardrails
Start with draft-first workflows, verify behavior in production, then expand scope operation by operation.