StaqOn's external API lets your CRM add partners to a team, send them messages, and raise escalations — while webhooks push every reply back to you in real time. Your CRM stays the system of record; StaqOn handles the conversation. Authentication is a single API key scoped to one external team.
Plug StaqOn into your CRM: the external partner API
The problem with bolting chat onto a CRM
Most teams end up with two systems that don't talk. The CRM knows who the partner is, what they've been sold, and what they owe. The chat tool knows what was actually said. Neither knows both, so someone spends their day copying between them.
StaqOn's external API exists to close that gap without asking you to abandon either.
What the API actually does
The API is scoped deliberately narrowly. Each API key belongs to one external team — so an integration can only ever touch the partners in that team, never your whole workspace.
Add a member. Your CRM creates a partner record; the same call adds them to the right StaqOn team. They get a channel with your handlers, no manual invite step.
Send a message. Push a message into a partner's thread from your CRM — an order update, a document request, a status change. It lands as a normal message in their app.
Raise an escalation. When something needs an owner and a deadline rather than just a message, create an escalation against that member.
Remove a member. Partner offboards in your CRM, they lose access in StaqOn.
Read status. Check membership and team state without leaving your system.
Webhooks: how you stay in the loop
The API is deliberately send-oriented. Reading a whole conversation over HTTP is the wrong shape — so instead, StaqOn pushes to you.
Register a webhook URL per external team and you receive events as they happen:
member.joined— a partner accepted and is inmember.message— a partner said somethingmember.removed— they left or were removedescalation.created/escalation.resolved— the ticket lifecycle
Every payload is signed with HMAC-SHA256 in an X-StaqOn-Signature header, so you can verify it came from StaqOn and not someone who guessed your endpoint. Verify the signature before you trust the body.
Delivery is direct — StaqOn calls your URL. A webhook that fails repeatedly gets disabled automatically, so a dead endpoint doesn't queue up forever.
The account-linking handshake
There's a second, more interesting integration: bridging a partner's StaqOn conversation into your own UI.
You request a link against a member's username. They see the request in their StaqOn account settings and approve or decline it. Only after they approve can your CRM read that conversation back — and they can revoke it at any time, which is an instant kill switch.
That asymmetry is deliberate. Writing into a partner's thread is authorised by your API key — it's your workspace, your team, your relationship. Reading their conversation history requires the member's own consent. The partner is a separate business, not your employee; their history isn't yours by default.
What you can build with it
Order and delivery updates. Status changes in your ERP push straight into the partner's thread. No one copy-pastes a tracking number.
Document collection. Request a document from the CRM, receive it in StaqOn, and the member.message webhook tells your system it arrived.
Support tickets with an owner. Escalations give a request a named owner and a resolution state — the thing group chat can never do.
A unified agent view. With the member's approval, show their StaqOn conversation inside your CRM, so your team never switches tabs.
Automated onboarding. A partner signs up in your system and is in a StaqOn team seconds later, with a channel and a handler.
Practical notes
One key, one team. Scope is a feature. If you integrate three teams, that's three keys — and a leaked key exposes one team, not everything.
Send-and-subscribe, not poll. Use the webhook for live events. If you need to catch up after downtime, the read endpoint takes an incremental cursor so you fetch only what's new.
Verify signatures. Always. An unverified webhook endpoint is an open door.
Attachments are signed URLs with an expiry — download and store what you need rather than holding the link.
Getting started
API access is set up per workspace from your StaqOn settings, where you generate a key and register webhook URLs for an external team. Full endpoint documentation lives in the developer section.
If you're evaluating whether this fits your stack, the short version: if your CRM can make an HTTP POST and receive one, it can plug into StaqOn.