# Network Access

> Network Access lets your agent make outbound HTTP requests to external APIs — so it can look up live data like orders, shipping status, or inventory, then use that information when responding to customers.

<figure><img src="https://844187487-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FRZFmKvs1oBZcPVylWXUJ%2Fuploads%2FlZAuyP5dSKQDogifWHP0%2FScreenshot%202026-03-27%20at%2014.19.49.png?alt=media&#x26;token=d37f5dca-be89-4275-a97a-8dea85418e25" alt=""><figcaption></figcaption></figure>

## What you can do

* Fetch live data from any REST API (orders, customers, inventory, shipping, etc.)
* Make GET requests to retrieve data or POST requests to trigger actions
* Attach authentication headers (API keys, Bearer tokens, Basic auth) per domain
* Combine with any helpdesk so the agent responds with real-time data

***

## Setting up Network Access

Network Access is configured per agent in the **Settings** tab.

1. Open your agent in the eesel AI platform
2. Go to the **Settings** tab
3. Scroll to the **Network Access** section
4. Click **+ Add policy**
5. Fill in the fields:

| Field            | What to enter                                                                     |
| ---------------- | --------------------------------------------------------------------------------- |
| **Domain**       | The base domain of the API (e.g. `api.yourservice.com`)                           |
| **Header name**  | The authentication header name (e.g. `Authorization`)                             |
| **Header value** | The full header value including scheme (e.g. `Basic abc123==` or `Bearer sk-...`) |

6. Click **Save policies**

<figure><img src="https://844187487-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FRZFmKvs1oBZcPVylWXUJ%2Fuploads%2F5vdoh3pjDmtwRbveQM7z%2FScreenshot%202026-03-27%20at%2014.23.36.png?alt=media&#x26;token=052c9153-0183-48af-97f9-3d840b82bbbb" alt=""><figcaption></figcaption></figure>

> **Note:** Header name and value must always be filled in together — you cannot save one without the other.

### Wildcard domains

To allow all subdomains of a domain, use a wildcard:

```
*.yourservice.com
```

This matches `api.yourservice.com`, `store.yourservice.com`, etc., but not `yourservice.com` itself.

***

## Authentication

Different APIs use different auth schemes. Here's how to configure each one.

### Basic Auth

Basic Auth encodes your credentials as a base64 string. Most APIs that use Basic Auth expect `username:password` or `api_key:` (with an empty password).

**Step 1 — Generate the base64 value:**

```bash
echo -n "YOUR_API_KEY:" | base64
```

The colon at the end is required — it separates `username:password`. If there's no password, leave it empty after the colon.

**Step 2 — Add the policy:**

| Field        | Value                        |
| ------------ | ---------------------------- |
| Domain       | `api.yourservice.com`        |
| Header name  | `Authorization`              |
| Header value | `Basic <your base64 output>` |

### Bearer Token

| Field        | Value                 |
| ------------ | --------------------- |
| Domain       | `api.yourservice.com` |
| Header name  | `Authorization`       |
| Header value | `Bearer YOUR_API_KEY` |

### Custom API Key header

Some APIs use a custom header name instead of `Authorization`:

| Field        | Value                 |
| ------------ | --------------------- |
| Domain       | `api.yourservice.com` |
| Header name  | `X-API-Key`           |
| Header value | `YOUR_API_KEY`        |

***

## Writing instructions for your agent

Once the policy is saved, you need to tell your agent **when** and **how** to use it. Add instructions in the **Instructions** tab.

### Example — look up an order

```
When a customer asks about their order status, look it up using their order number.

Use the web_request tool:
- Method: GET
- URL: https://api.yourservice.com/orders/{order_number}

Return the order status, items, and estimated delivery date to the customer.
```

### Example — look up shipping status

```
When a customer asks where their package is, look up the shipment details.

Use the web_request tool:
- Method: GET
- URL: https://api.yourservice.com/shipments?orderNumber={order_number}

Return the tracking number, carrier, and current status to the customer.
```

### Example — trigger an action (POST)

```
When a customer requests a cancellation, cancel the order via the API.

Use the web_request tool:
- Method: POST
- URL: https://api.yourservice.com/orders/{order_id}/cancel
- Payload: { "reason": "customer request" }

Confirm the cancellation to the customer once done.
```

The agent will automatically use the auth headers from your Network Access policies — you do not need to include credentials in your instructions.

***

## How GET and POST requests work

Your agent can make four types of requests. The most common are GET (fetch data) and POST (create or trigger something).

### GET — fetching data

Use GET to retrieve information. Any parameters you specify are passed as query string values.

```
Method: GET
URL: https://api.yourservice.com/orders/{order_id}
```

### POST — sending data

Use POST to create records or trigger actions.

```
Method: POST
URL: https://api.yourservice.com/orders/{order_id}/cancel
Payload: { "reason": "customer request" }
```

> POST and PATCH requests send the payload as a JSON body. GET requests send it as query parameters.

***

## End-to-end example

This shows how to combine Network Access with a helpdesk so the agent can look up live data and respond to customers automatically.

### 1. Add Network Access policies

In **Settings > Network Access**, add a policy for each API you want the agent to access:

| Domain                         | Header name     | Header value                 |
| ------------------------------ | --------------- | ---------------------------- |
| `api.your-orders-system.com`   | `Authorization` | `Basic <base64 credentials>` |
| `api.your-shipping-system.com` | `Authorization` | `Bearer YOUR_API_KEY`        |

### 2. Connect your helpdesk

Set up your helpdesk integration (e.g. Zendesk) and configure the agent to reply via your chosen channels (messaging, email, etc.).

### 3. Write agent instructions

```
You are a customer support agent.

When a customer asks about an order:
1. Ask for their order number if not provided
2. Look up the order:
   GET https://api.your-orders-system.com/orders?number={order_number}
3. If the order has shipped, look up tracking:
   GET https://api.your-shipping-system.com/shipments?orderNumber={order_number}
4. Respond with the order status, items ordered, and tracking information

Always be friendly and concise. If the order is not found, ask the customer to double-check their order number.
```

***

## Troubleshooting

### "Header name and value need to be filled in together"

Both fields must be filled in before saving. If you want to allow a domain without any auth headers, leave both fields empty.

### "Outbound request to 'api.example.com' is not allowed"

The domain you're requesting is not in your Network Access policies. Check that:

* The domain in the policy matches the hostname exactly (e.g. `api.yourservice.com`, not `https://api.yourservice.com/v1/orders`)
* You clicked **Save policies** after adding the domain

### The API returns 401 Unauthorized

* For Basic Auth: make sure you ran `echo -n "key:" | base64` with the trailing colon
* For Bearer tokens: make sure the value starts with `Bearer` (with a space)
* Double-check that the API key is still valid in the third-party dashboard