External AI Agent Setup
Connect Claude Cowork, Codex, or your own AI agent to Laserreach
Create a revocable org token, paste one setup block into your agent, and let the agent use Laserreach APIs while keeping hosted run control off by default.
Recommended setup
Leave Laserreach-hosted run control off for most local agents. The agent can use its own memory and model provider, then call Laserreach APIs for account context, workspace files, policies, schedules, recommendations, content, ads, browser sessions, and intel.
Sign in and open External Agents
Sign in to Laserreach, open your organization, then go to Settings and External Agents.
If you manage more than one organization, confirm the org shown in the settings page before creating the token.
Create a scoped token
Name the token after the tool you are connecting, such as Claude Cowork or Codex. Keep the default scopes for the normal local-agent setup.
Turn on outbound or publishing scopes only when the agent should perform those actions. Leave Allow Laserreach-hosted run control off unless you want the agent to start, steer, cancel, retry, or prune Laserreach runs.
Copy the setup block
After creating the token, copy the complete setup instructions. The token is shown once. Store it in the connected tool, not in a shared document.
Authorization: Bearer <external_agent_token> X-Org-ID: <org_id> Capabilities URL: https://api.laserreach.com/api/abm/agent/capabilities Run URL (read/list by default): https://api.laserreach.com/api/abm/agent-runs
Paste it into the AI agent
Give the full setup block to Claude Cowork, Codex, or your agent client. Tell it to start by calling the capabilities URL and to use only routes returned by that response.
You are connected to Laserreach through this external-agent token. Start with: GET https://api.laserreach.com/api/abm/agent/capabilities Use the returned capabilities to choose Laserreach APIs. Do not start, steer, cancel, retry, or prune Laserreach-hosted runs unless I explicitly ask and this token has agent-runs:control. Prefer local planning and memory. Use Laserreach for scoped API actions and source-of-truth account context.
Test the connection
Ask the connected agent to fetch capabilities and summarize what it can access. A successful connection returns route groups and sensitive-scope requirements.
curl "https://api.laserreach.com/api/abm/agent/capabilities" \ -H "Authorization: Bearer <external_agent_token>" \ -H "X-Org-ID: <org_id>"
Rotate or revoke access when needed
Revoke the token from the External Agents screen if the connected tool no longer needs access, if the token was pasted into the wrong place, or if a contractor or operator leaves the account.
Optional local automation
Trigger local Codex from Laserreach events
Use the open helper script when you want a local Codex session to react to webhooks from Laserreach, HubSpot, Zapier, Make, n8n, or another event source that can post JSON.
curl -O https://www.laserreach.com/examples/laserreach-codex-webhook-bridge.mjs chmod +x laserreach-codex-webhook-bridge.mjs export LASERREACH_AGENT_TOKEN="<external_agent_token>" export LASERREACH_ORG_ID="<org_id>" export LASERREACH_WEBHOOK_SECRET="<shared_webhook_secret>" export WEBHOOK_PATH=/laserreach/events # First run: create prompt files only. node laserreach-codex-webhook-bridge.mjs # Auto-run Codex after each verified event. CODEX_AUTO_RUN=1 node laserreach-codex-webhook-bridge.mjs
Expose the local listener with a tunnel such as ngrok, then point the event source at /laserreach/events. The helper stores each event locally, fetches Laserreach capabilities, and prepares a Codex prompt with the event and API boundaries.
curl -X POST "http://127.0.0.1:8797/laserreach/events" \
-H "Content-Type: application/json" \
-d '{"event_id":"evt_demo","type":"signal.created","account_id":"acct_123"}'Keep LASERREACH_WEBHOOK_SECRET set before exposing the listener outside your machine. The helper does not grant run control by itself; Codex still follows the token scopes and the `agent-runs:control` boundary.