The Difference Between Knowing and Looking Up
There are two kinds of customer questions. The first kind is general: What's your return policy? How long does shipping take? Do you ship to Germany? A well-stocked knowledge base handles these.
The second kind is specific: Where is my order #4521? Is the blue version still in stock? What is left on my plan this month? These don't live in a knowledge base. They live in your systems — your order management, your inventory, your billing — and they change every second.
A chatbot that can only handle the first kind is a glorified FAQ. A chatbot that can also handle the second kind is an assistant. The difference between the two is API access.
Why the Gap Costs You Customers
Most "AI chat" today is built on a knowledge base alone. It can paraphrase your shipping policy in seventeen languages, but it can't tell a customer where their actual package is right now. So the customer asks, the bot deflects, and the customer either gives up or waits for an operator to look up data the bot could have fetched in milliseconds.
That is the chatbot ceiling. Every "let me check on that for you" is a missed chance to answer in seconds, on the first message, while the customer's intent is still hot.
What API Connections Actually Do
In enuchat, an API connection is a configured link between the chat and one of your backend services. You define it once: the base URL, the authentication method, and a handful of endpoints with their parameters and how to map the response.
From that point on, the AI can call those endpoints during a conversation. When a visitor asks about an order, the AI extracts the order number, calls your order endpoint, reads the live status, and folds it into the reply. The visitor sees one sentence: "Your order #4521 shipped yesterday and is expected to arrive Thursday." Behind that sentence, a real API call happened.
The customer doesn't see the plumbing. They just see that the chat actually knows.
Five Authentication Methods, No Custom Code
Most APIs you'd want to connect already use standard authentication. enuchat supports five out of the box:
- None — for public APIs that don't need auth
- API Key — sent as a header or query parameter
- Bearer Token — for simple token-based auth
- Basic Auth — for legacy systems
- OAuth 2.0 client credentials — for modern providers like Salesforce, HubSpot, or your own OAuth server
For OAuth 2.0, enuchat handles the token lifecycle automatically — fetches on first call, caches until expiry, refreshes when needed. You configure the credentials once and forget about them. All credentials are encrypted at rest with libsodium and never appear in API responses.
Variables, Templates, and Response Mapping
Endpoints are defined as templates. A path like /orders/{orderId} or a JSON body referencing {customerId} interpolates values from session variables — variables the AI or a static rule can set during the conversation.
When the API responds, you map fields from the JSON response back to session variables using dot notation. data.status becomes order_status. data.shipping.eta becomes delivery_eta. The AI then weaves those values into a natural-language reply — in the visitor's own language.
Three Patterns That Cover Most Use Cases
In practice, most API integrations fall into one of three shapes.
Lookup and reply
The visitor asks a question that can be answered with one API call. The rule fires CALL_API followed by REPLY_AI. The AI uses the fetched data to compose a grounded, contextual answer. Order status, account balance, room availability, current pricing, package tracking — all of these fit here.
Lookup and route
The API call returns enough information to decide what to do next. A high-value account gets escalated to a senior agent. An expired subscription gets routed to billing. The AI uses CALL_API followed by ASSIGN_TO_OPERATOR to make routing decisions based on real customer data, not guesswork.
Multi-step flows
The first message tags the conversation with SET_VARIABLE, the second triggers the API call once enough context exists, and the third composes the answer. Useful when you need to confirm intent before pinging your backend, or when the data lookup depends on something the visitor said two messages ago.
Built-in Security
Connecting backends to a chat widget makes some teams nervous, and it should. enuchat ships several layers of protection by default:
- SSRF prevention blocks calls to localhost, private IPs, and internal-only hostnames
- 5-second timeout stops a slow API from hanging the conversation
- Tenant scoping means no cross-tenant data leakage — your endpoints are visible only to your own widgets
- Test buttons verify both the connection and each endpoint independently before you wire them into rules
- Encrypted credentials never travel back to the dashboard in clear form
What Changes for Your Customers
The chat moves from "let me find someone who can check that" to "checked, here's the answer" — in any of 60+ languages, on a Sunday at 3 AM, while your support team sleeps. Customers who would have abandoned the cart, the order, or the plan stay engaged because the answer arrives while they're still asking.
That is the difference between a chatbot and an assistant. And it's the difference your customers actually feel.
How to Get Started
If you already have enuchat set up, API connections live under Settings → API Connections. Pick one endpoint that answers a question your team types out a hundred times a week — order status is usually the highest-leverage place to start. Configure the connection, add the endpoint, wire it to a rule, and test it once before going live. See the API Connections guide for the full walkthrough.
If you are new to enuchat, sign up at enuchat.com. The free tier includes API connections from day one — no card required, no per-conversation fees, no trial expiry.
Five minutes to plug in your first endpoint. The first useful answer usually arrives the same day.