Skip to content

B3-N: per-tenant Zalo OA skill (webhook + key credential shape) #106

Open
Open
B3-N: per-tenant Zalo OA skill (webhook + key credential shape)#106
Labels
enhancementNew feature or request

Description

@vanducng
vanducng
opened on May 24, 2026

Goal

Per-tenant Zalo Official Account skill — most complex of the B3-N candidates because Zalo OA uses both webhooks (inbound events) AND signing keys (outbound calls). Skill scope: read-only first (list followers, recent conversations).

Acceptance

  • Confirm credential shape — likely access_token + refresh_token + OA_ID (Zalo's OAuth flavor) — different from Google OAuth in detail but similar in shape; may be able to reuse parts of GoogleClientManager pattern
  • New dataplanelabs/zalo-oa-cli repo OR reuse the existing zalo-personal channel infra
  • Refresh handling: Zalo OA tokens have shorter TTLs than Google
  • Pilot skill: zalo-oa-followers-read or zalo-oa-conversations-read
  • Webhook signature verification on inbound (channels infra already handles this — confirm)
  • e2e smoke

Open question

Does this belong in the secure_cli_run convention at all, or is it more naturally a channel (which it already is)? Decide in brainstorm before coding.

Effort: ~3d planning + brainstorm; ~1wk implementation. Depends on: B-conv-1 (shipped), brainstorm first.

Workstream meta: #111

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementNew feature or request

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions