Agent Triggers
Drive agent executions from webhooks, Slack mentions, Telegram, Microsoft Teams, WhatsApp Business, or a cron schedule. One trigger model, six sources.
Agent Triggers
Agent triggers turn an external event into an agent run. Pick whichever source fits where your users already work — the agent code stays the same.
| Source | What fires it |
|---|---|
| Webhook | Any HTTP POST carrying a JSON body — CI/CD, monitoring, custom integrations |
| Slack | Mentions in a channel, direct messages, or reactions on the bot's replies |
| Telegram | Direct messages and group mentions |
| WhatsApp Business Cloud API messages | |
| Teams | Microsoft Teams Bot Framework messages |
| Schedule | A cron expression — no inbound request required |
For Slack, Telegram, Teams, and WhatsApp the agent's response is posted back to the same channel automatically — no extra plumbing. Chat history is remembered so the agent picks up where the conversation left off.
How it feels for users
Slack — a teammate mentions the bot in #incidents, the agent investigates and replies in-thread. A 👍 reaction on the reply records a positive score for that run.
Telegram — someone DMs the bot, or @mentions it in a group; the agent answers in the same chat.
Schedule — set 0 9 * * * and the agent runs every weekday at 9am with no human in the loop.
Webhook — your CI pipeline POSTs build metadata, the agent reviews the PR, and the run shows up in the executions list with the right trigger attribution.
Setup, at a glance
- Open the Triggers tab on the agent you want to wire up.
- Pick a source — Webhook, Slack, Telegram, Teams, WhatsApp, or Schedule.
- Add the credentials that source needs (signing secret, bot token, app secret) from your workspace credentials.
- Copy the public hook URL into the upstream system, or set a cron expression for schedule triggers.
That's it. Activate / deactivate the trigger without deleting it whenever you want.
What's enforced for you
- Authentication: every public URL carries a unique encrypted token; Slack signatures, Telegram secret tokens, WhatsApp app secrets, and generic-webhook HMACs are all verified before the agent runs.
- Rate limiting: each trigger is limited per token so a noisy channel can't drown out the rest of your workspace.
- SSRF protection: outbound reply URLs are validated against an allowlist of provider hosts.
- Bot-loop prevention: bot-authored messages never re-trigger the agent.
- Replay protection: signed requests outside the 5-minute window are rejected in both directions.
- Horizontal scaling: schedule triggers fire exactly once per interval no matter how many service replicas you run.
Approvals & scoring
Trigger-driven executions go through the same pipeline as anything else, so you can:
- Pause for human approval before the agent posts a reply (Approvals)
- Capture emoji reactions on Slack/Telegram replies as evaluation scores (Scoring & Evaluation)
- Inspect the full trace, cost, and token usage in the executions list
SDKs
Manage triggers from any SDK:
| Language | Surface |
|---|---|
| Python | client.agent_triggers |
| JavaScript | client.agentTriggers |
| Go | client.AgentTriggers |
The REST contract for managing triggers is in the API Reference; the public inbound hook URLs sit under /api/v1/hooks/*.
API key scopes
| Scope | Allows |
|---|---|
agent_triggers:read | List and view triggers |
agent_triggers:write | Create, update, and delete triggers |
Public hook URLs don't need an API key — the token in the URL is the credential.
Related Topics
- Sessions & Chat — How conversation memory ties into the chat surface
- Approvals — Pausing trigger-initiated executions for human review
- Scoring & Evaluation — Reactions on chat replies feed score signals
- Virtual Filesystem — Long-term memory for trigger-driven agents
- API Reference — Endpoint specs and OpenAPI schema