Integrations
What we connect to.
We list every integration with its real status. "Live" means it ships and works today. "Pilot" means functional but used by <3 tenants. "Scoped" means an adapter exists and is wired per customer on engagement. "On engagement" means a connector slot exists in the platform and we'll build the adapter as part of the SOW.
Category 01
Email & calendars
Inbox triage, drafted replies, meeting scheduling. The communication and scheduling agents speak the protocol; per-vendor auth handles the rest.
Gmail · Google Workspace
scopedScoped: OAuth 2.0 read/send, label-based routing, calendar API for scheduling. Requires the customer's Google Cloud OAuth app — not yet live.
Auth: OAuth · Scopes: gmail.modify · calendar
Microsoft 365 · Outlook
scopedScoped: Microsoft Graph for mail + calendar. Requires a per-tenant app registration — not yet live.
Auth: OAuth · Scopes: Mail.ReadWrite · Calendars.ReadWrite
Generic IMAP / SMTP
scopedCatch-all for self-hosted mail (Zimbra, Postfix, Fastmail, custom IMAP). Username + app-password authentication.
Auth: basic · TLS required
Category 02
Team chat
Approval routing to chat channels, alerts from compliance / anomaly detection, AI consultant access from inside the chat surface.
Slack
scopedPlanned: bot token, signed webhooks, slash commands — Approval Inbox posting and receiving decisions inside Slack threads. Scoped, not yet live.
Auth: bot token · channels: per workspace
Microsoft Teams
pilotAdaptive Cards for approvals, channel webhooks for alerts. Tested with one pilot deployment.
Auth: bot framework · per-tenant app registration
WhatsApp Business API
pilotSandbox number in use for the AI consultant demo. Production deployment requires Meta verification per customer.
Auth: WhatsApp Cloud API · template messages
Category 03
CRM & pipeline
Sync contacts, interactions and pipeline stages between Sonoda's internal CRM and your system of record. Bidirectional where the vendor permits.
Salesforce
scopedAdapter scaffolding exists for Lead, Contact, Opportunity, Activity. Per-customer wiring of custom fields and validation rules on engagement.
Auth: OAuth 2.0 JWT · API version 58.0+
HubSpot
scopedAdapter scaffolding for Contacts, Companies, Deals, Engagements. Webhook subscriptions for change capture.
Auth: private app token · API v3
Pipedrive · Zoho · Bespoke CRM
on engagementConnector slots in agents/integrations/. Adapter built into the SOW; typical timeline 2–4 weeks.
Auth: vendor-dependent
Category 04
Identity & SSO
SAML 2.0 and OIDC are implemented in the auth layer. Per-IdP wiring (metadata, attribute mapping, group-to-role mapping) is part of enterprise onboarding.
Okta
scopedSAML 2.0 SP metadata + OIDC client. Group → role mapping configured per tenant. JIT user provisioning supported.
Protocols: SAML · OIDC
Microsoft Entra ID (Azure AD)
scopedOIDC and SAML supported. Conditional access policies honored at the IdP level.
Protocols: OIDC · SAML
Google Workspace · OneLogin · Auth0
scopedStandards-based — works with any SAML 2.0 or OIDC IdP. Test environment provided before cutover.
Protocols: SAML · OIDC · SCIM 2.0 (engage)
Category 05
Document management
Source documents for Document Intelligence and RAG. Read access to your DMS; write-back for classified / extracted results is configurable.
Google Drive · SharePoint · OneDrive
pilotFolder watch + on-demand fetch. Tested with pilot deployments.
Auth: OAuth 2.0 · service account (Drive)
iManage · NetDocuments
on engagementLegal-DMS connectors built per engagement. Matter-centric metadata mapping is the bulk of the work.
Auth: vendor token · matter-scoped access
S3 · GCS · Azure Blob · WebDAV
liveObject-storage source with prefix-based ingestion. Used for batch document loads and data-room ingestion.
Auth: IAM / SAS / static credentials
Category 06
Payments & billing
Used internally for post-SOW invoicing. Not exposed in the public engagement flow (see /pricing).
Mercado Pago
livePreference creation + webhook-driven status updates. Used for LATAM invoicing.
Auth: access token · sandbox + production
Stripe · Wire transfer
on engagementStripe adapter slot exists. International wire is the default for enterprise SOWs.
Auth: API key · webhook signing
AFIP electronic invoicing (AR)
scopedScaffolding present, dormant. Activated for Argentina-resident customers on engagement.
Auth: AFIP WSAA token · CUIT-bound
Category 07
Outbound events & webhooks
Every domain event the platform emits — workflow.completed, approval.requested, audit.entry.written, anomaly.detected — can be subscribed to via signed HTTP webhook.
Signed webhooks (generic)
liveHMAC-SHA256 over body + timestamp, 5-minute replay window. Subscribe via the admin console or API.
Header: X-Sonoda-Signature · X-Sonoda-Timestamp
Zapier · n8n · Make
on engagementGeneric webhooks already let these tools subscribe. A first-class app listing is on the roadmap.
Connect via webhook URL
Kafka · NATS · SQS
on engagementBridge sink for enterprises with an event backbone. Built into the SOW.
Auth: vendor-dependent
How a new integration ships
If yours isn't listed.
Every integration sits under agents/integrations/<vendor>.py implementing a stable interface: connect(), list_objects(), write_object(), watch(). Adding a new vendor is, in our experience, 2–4 weeks end-to-end including auth flow, schema mapping, retry / backoff, and tenant-level enablement. We scope this into the SOW with a fixed price and a fixed timeline. If we miss the timeline, you don't pay for the integration.