Integration Components
Integration components connect your app to external APIs and services. They run server-side — your API keys stay hidden from the browser.
To add one, just describe what you need in the chat:
"Add a GitHub integration so I can list open issues" "Send an email when an approval is submitted"
Note: Integration components are relatively new and haven't been heavily tested across all use cases. They may require some tuning to work correctly with your specific setup. If something doesn't behave as expected, describe the issue in the chat — the AI can usually diagnose and fix it — or reach out in #eng_product_platform_team.
Generic API Proxies
| Component | What it does | Needs |
|---|---|---|
| REST API Proxy | Securely forward requests to any external REST API — GET, POST, PUT, PATCH — keeping credentials out of the browser | API token (secret) |
| GraphQL Proxy | Proxy GraphQL queries to any external GraphQL API | API key (secret) |
| Webhook Receiver | Listen for and process incoming webhooks from external services | Nothing |
Veho Internal
| Component | What it does | Needs |
|---|---|---|
| Veho Platform API | Preferred for Linear, GitHub, PagerDuty, and New Relic — zero-secret proxy to the Veho Platform API. Covers Linear teams/states/members/issues (filterable by team ID and completion date), GitHub PRs, team listing, and PR stats by team/author, PagerDuty incidents (with time range), on-call/policies/schedules, and New Relic alert policies, violations, and NRQL queries. Responses are KV-cached automatically. | Nothing extra |
| Veho Platform Supergraph | Connect to Veho's internal supergraph — merged AppSync GraphQL API covering 20+ services (drivers, facilities, routes, packages, offers, and more). Authentication is handled by the platform; no credentials needed in the app. Rate limited: 60 req/min and 2,000 req/day per app. | Nothing extra |
Want to explore the supergraph interactively? Use the
veho-supergraph-playgroundtemplate — it includes 30+ pre-built sample queries across every core domain (drivers, offers, facilities, routes, packages, orders, markets, clusters, consumers) and lets you run them against live Veho production data with one click.
Want to expose your team's internal API to Vulcan apps? See Connecting to Veho Internal APIs for the registration guide — including how to create the required IAM role.
SaaS & Productivity
| Component | What it does | Needs |
|---|---|---|
| Google Sheets | Read and write Google Sheets — user connects their own Google account via OAuth at runtime | google-auth component |
| Google Docs | Export and read Google Docs | google-auth component |
| Google Calendar | List calendars and events, create, update, and delete events — user connects their Google account once via OAuth. UI helpers: renderCalendarPicker (calendar dropdown) and renderEventList (styled event cards). | google-auth component |
| Google Drive | Browse, upload, download, rename, move, and trash files. Google Workspace files (Docs, Sheets) auto-exported as text/CSV. | google-auth component |
| Notion | Search pages and databases, read and update page content, query databases, create pages | Notion API token (secret) |
| Airtable | Query and write to Airtable bases | Airtable API key (secret) |
Support & CRM
| Component | What it does | Needs |
|---|---|---|
| Salesforce | Query and update Salesforce records | Salesforce API key (secret) |
| Zendesk | Read and create Zendesk support tickets | Zendesk API key (secret) |
| Gong | Pull sales call and revenue intelligence data from Gong | Gong API key (secret) |
| Metabase | Query Metabase saved questions and dashboards | Metabase API key (secret) |
Messaging & Notifications
| Component | What it does | Needs |
|---|---|---|
| Twilio | Send SMS messages and make calls | Twilio Account SID + Auth Token (secrets) |
Data & Analytics
| Component | What it does | Needs |
|---|---|---|
| Databricks | Query Databricks SQL warehouses | Databricks host + token (secrets) |
| Metabase | Query Metabase dashboards and saved questions | Metabase host + API key (secrets) |
| Sigma | Embedded analytics from Sigma | Sigma API key (secret) |
| New Relic | Query New Relic data, ingest custom events, list alert policies and violations, record deployment markers. For read-only dashboards, use the Veho Platform API instead — no credentials required. Use this component only for write operations: custom event ingest and deployment markers. | New Relic API key + account ID (secrets) |
AWS
AWS components chain together — start with IAM auth, then add the specific service you need.
| Component | What it does | Needs |
|---|---|---|
| AWS IAM Authentication | Base AWS auth — provides temporary credentials via IAM | AWS access key + secret (secrets) |
| AWS Role Assumption | Assume an IAM role for cross-account access via STS | aws-iam-auth + AWS role ARN (secret) |
| AWS S3 | List, upload, download, and delete objects in S3. Files proxy through the Worker so credentials never reach the browser | aws-role-assumption + bucket name + region |
| AWS Lambda | Invoke Lambda functions and return results | aws-role-assumption |
| AWS DynamoDB | Query and write to DynamoDB tables | aws-role-assumption |
| AWS SQS | Send and receive messages from SQS queues | aws-role-assumption |
| AWS EventBridge | Put events into EventBridge | aws-role-assumption |
Authentication & Access Control
| Component | What it does | Needs |
|---|---|---|
| Role-Based Authorization | Add admin/editor/viewer roles to your app on top of Vulcan's session auth. Stores roles in KV. Includes admin management routes and frontend guards. | KV storage |
| Google OAuth | Let users connect their personal Google account — used by Google Sheets, Google Docs, Google Calendar, and Google Drive components. Vulcan handles the OAuth flow centrally. | Nothing extra |
How Google OAuth works
When a user opens an app that needs Google access, they'll see a "Connect Google Account" button. Here's what happens:
- They click the button — they're redirected to Google's standard consent screen
- They click Allow — Google sends them back to the app automatically
- Done. The app can now read and write their Google Sheets, Docs, Drive files, or Calendar events.
This connection is per-user, not per-app. Once a user connects their Google account through any Vulcan app, every Vulcan app they open can reuse that connection — they won't be prompted again. If a different user opens the same app, they connect their own Google account separately.
Tokens are managed automatically. Access tokens expire every hour. Vulcan refreshes them silently in the background. The user never notices.
Note for existing users: Google Calendar access was added in April 2026. Users who connected their Google account before this date will need to reconnect once to grant the new Calendar scope. The app's "Connect Google Account" button handles this — it always requests the full current scope set.
To disconnect: Apps with a Google integration include a "Disconnect Google Account" button. Clicking it revokes access and removes the stored connection.
If access is revoked from Google's side (e.g., the user removes Vulcan from their Google account permissions at myaccount.google.com), the app will show a "Connect Google Account" button again on the next use. One click reconnects.
Performance
| Component | What it does | Needs |
|---|---|---|
| Response Caching | Cache GET responses at the Cloudflare edge. Repeat requests are served instantly without hitting your Worker. Includes X-Cache: HIT/MISS headers and a purge endpoint. | Nothing — no KV, no cost per cached hit |
Demo / Testing
| Component | What it does | Needs |
|---|---|---|
| Demo REST API | Mock REST API that returns sample event data — useful for prototyping without a real backend | Nothing |
| Demo GraphQL API | Mock GraphQL API for prototyping | Nothing |