Advanced

Custom Actions

Extend your agent's capabilities with custom actions that connect to your systems.

What are Actions?

Actions allow your agent to perform real tasks beyond just answering questions. Connect to your APIs, databases, and third-party services to create a truly capable AI assistant.

Data Lookup

Query orders, accounts, inventory

Process Automation

Create tickets, update records

External APIs

Shipping, payments, calendars

Secure Operations

Auth-protected endpoints

Creating an Action

Define actions in your agent configuration:

Action Definition
{
  "name": "check_order_status",
  "description": "Look up the status of a customer order",
  "parameters": {
    "type": "object",
    "properties": {
      "order_id": {
        "type": "string",
        "description": "The order ID (e.g., ORD-12345)"
      }
    },
    "required": ["order_id"]
  },
  "endpoint": {
    "url": "https://api.yourstore.com/orders/{order_id}",
    "method": "GET",
    "headers": {
      "Authorization": "Bearer {{STORE_API_KEY}}"
    }
  },
  "response_template": "Order {{order_id}} is {{status}}. Expected delivery: {{delivery_date}}"
}

Action Types

HTTP Actions

Call any REST API endpoint with custom headers and authentication.

{
  "type": "http",
  "method": "POST",
  "url": "https://api.example.com/tickets",
  "headers": {
    "Content-Type": "application/json",
    "Authorization": "Bearer {{API_KEY}}"
  },
  "body": {
    "subject": "{{subject}}",
    "description": "{{description}}",
    "priority": "{{priority}}"
  }
}

Webhook Actions

Trigger workflows in your backend systems.

{
  "type": "webhook",
  "url": "https://hooks.yourapp.com/agent-actions",
  "events": ["refund_requested", "escalation_needed"],
  "signing_secret": "{{WEBHOOK_SECRET}}"
}

Database Actions

Direct database queries for real-time data access.

{
  "type": "database",
  "connection": "{{DATABASE_URL}}",
  "query": "SELECT status, shipping_date FROM orders WHERE id = $1",
  "params": ["{{order_id}}"]
}

Parameter Extraction

The agent automatically extracts parameters from the conversation:

Customer says:

"Where is my order ORD-98765?"

Agent extracts:

{ "order_id": "ORD-98765" }

Action executes:

GET /orders/ORD-98765

Error Handling

{
  "name": "check_order_status",
  "endpoint": { ... },
  "error_handling": {
    "404": {
      "message": "I couldn't find that order. Please check the order ID and try again."
    },
    "401": {
      "message": "I'm having trouble accessing order information. Let me connect you with a team member.",
      "action": "escalate"
    },
    "timeout": {
      "message": "The system is taking longer than expected. Please try again in a moment.",
      "retry": true,
      "max_retries": 2
    }
  }
}

Security Best Practices

  • Store API keys in environment variables, never in action definitions
  • Use the principle of least privilege for API permissions
  • Validate and sanitize all extracted parameters
  • Implement rate limiting on action endpoints
  • Log all action executions for audit trails

Related

Webhooks
Security Guide