Skip to main content
OpenCX sits between the channels your customers use and the systems your team operates. This page is for admins and security reviewers — what data crosses what boundary, what stays inside OpenCX, and what your team can switch off.

Data flow at a glance

Every message lands in OpenCX first. The AI reads from your knowledge base, optionally calls your APIs, and replies on the same channel. Anything the AI hands off goes to your team — in the OpenCX inbox, your helpdesk, or both.

Where data lives

Sessions are the unit of every conversation — customer messages, AI replies, handoff events, and action calls all attach to one session. Sessions stay inside your OpenCX organization. See Core concepts for the full vocabulary. Knowledge is everything the AI reads from. Articles you author in the Help Center plus content synced from connected sources (Zendesk, Notion, Confluence, Shopify, websites). Drafts and segment-restricted content stay internal — the AI uses them in agent-facing surfaces only, never in customer replies. See Agent Training. Identifiers shared with third parties are the minimum needed to make handoff reversible. When a session hands off to a helpdesk like Zendesk or HubSpot, OpenCX writes the session ID and tags onto the ticket so your team can click back. The full transcript syncs as ticket comments.

What touches the AI

  • The customer’s current message and the recent conversation history.
  • The relevant knowledge base entries, ranked by similarity.
  • Action specs (your API definitions). The AI does not see the data your APIs return until it calls one — and only the response of that call.

What your team controls

Per-channel switch plus topic gating. Turn the AI off entirely for a channel, or limit it to specific topics (reply to billing questions, hand off login issues). Configure from Autopilot settings. See Autopilot topics.
Automatic redaction of personal data before storage and inference. Emails, phone numbers, card numbers, and other patterns are masked in transcripts and never reach the AI in raw form. See PII redaction.
Open any session and see exactly what the AI saw — the knowledge entries it ranked, the actions it considered, the prompts it built. Useful for security review and for tuning answers. See Inspect mode.
Enforce SSO at the org level and assign roles per teammate. Restrict who can change Autopilot, view transcripts, or run actions. See SSO.

Limits and honest expectations

AI replies typically land within a second or two; under load this can stretch. Knowledge syncs poll on a schedule — typically every few hours, configurable per source. Handoffs to third-party helpdesks are best-effort; if a third-party API is down, OpenCX retries and surfaces the failure as a conversation.handoff_to_third_party_failed event.

AI Safety

Inspect mode, debug mode, PII redaction, prohibited topics.

SSO

Enforce SSO at the org level.

Bug bounty

Report security issues.

API authentication

How API keys and scopes work.