Connected Apps

Connect external APIs so Brightwave agents can access your tools and data sources.

View as Markdown

Connected Apps let you link external services — like your CRM, meeting transcripts, or internal tools — so Brightwave's agents can pull data from them during research.

How it works

When you connect an app, you provide the API endpoint and credentials. Brightwave encrypts your credentials at rest and injects them automatically when an agent needs to access the service. Agents never see your API keys directly — authentication is handled through a secure proxy.

Setting up a connected app

  1. Go to Settings → Connected Apps.
  2. Click Add App and enter the service details: name, base URL, authentication type, and credentials.
  3. Add an optional label, notes, and any extra headers the API requires.
  4. Save the app.

Supported authentication types include API key (header or query parameter), Bearer token, and Basic auth.

Enabling apps per project

Connected apps are enabled at the project level. Open the Connected Apps submenu in the composer toolbar and toggle on the apps you want agents to use for that project. This keeps your integrations scoped — agents only access what's relevant.

External access

Control whether agents can reach external websites beyond your connected apps. Open the Connected Apps submenu in the composer toolbar and hover over External access to choose:

  • Connected apps only — agents can only call the APIs you've explicitly connected.
  • Connected apps + websites — agents can also search the web and access public websites during research.

This setting applies per project, so you can lock down sensitive workspaces while leaving others open.

What agents can do

Once an app is enabled for a project, agents can make authenticated requests to the service as part of their research. For example, an agent could pull deal data from your CRM, fetch meeting transcripts, or query an internal analytics API — all within a single research workflow.

Security

  • Encrypted at rest — API keys are encrypted using AES with AWS-managed key rotation.
  • Never exposed to agents — credentials are injected at the proxy layer; agents cannot read or extract them.
  • Domain validation — Brightwave rejects connections to internal networks, localhost, and IP addresses to prevent misuse.
  • Project-scoped — each app must be explicitly enabled per project.

Agents & Outputs

How agents produce structured outputs.

Documents & Sources

Add data sources to feed your research.

Email AgentInteract with Brightwave from your inbox — send documents, request research, and manage projects via email.Office Add-inUse Brightwave's AI agents directly inside Microsoft Excel, Word, and PowerPoint.