Requirements
- Target platform
- OpenClaw
- Install method
- Manual import
- Extraction
- Extract archive
- Prerequisites
- OpenClaw
- Primary doc
- SKILL.md
Tencent SkillHub Β· Productivity
OfficeX
Complete OfficeX platform skill for end-user consumers and app developers interacting with the OfficeX REST API. Covers the full credit-based app marketplace...
skill openclawclawhub Free
Complete OfficeX platform skill for end-user consumers and app developers interacting with the OfficeX REST API. Covers the full credit-based app marketplace...
β¬ 0 downloads β
0 stars Unverified but indexed
Install for OpenClaw
Quick setup
- Download the package from Yavira.
- Extract the archive and review SKILL.md first.
- Import or place the package into your OpenClaw setup.
Package facts
- Download mode
- Yavira redirect
- Package format
- ZIP package
- Source platform
- Tencent SkillHub
- What's included
- SKILL.md
Validation
- Use the Yavira download entry.
- Review SKILL.md after the package is downloaded.
- Confirm the extracted package contains the expected setup assets.
Install with your agent
Agent handoff
Hand the extracted package to your coding agent with a concrete install brief instead of figuring it out manually.
- Download the package from Yavira.
- Extract it into a folder your agent can access.
- Paste one of the prompts below and point your agent at the extracted folder.
New install
I downloaded a skill package from Yavira. Read SKILL.md from the extracted folder and install it by following the included instructions. Tell me what you changed and call out any manual steps you could not complete.
Upgrade existing
I downloaded an updated skill package from Yavira. Read SKILL.md from the extracted folder, compare it with my current installation, and upgrade it while preserving any custom configuration unless the package docs explicitly say otherwise. Summarize what changed and any follow-up checks I should run.
Trust & source
Release facts
- Source
- Tencent SkillHub
- Verification
- Indexed source record
- Version
- 1.0.0
Provenance
- Publisher
- mevdragon
- Source page
- View original listing
- Canonical URL
- Open canonical page
Documentation
OfficeX Platform
OfficeX is a membership-based app store. Users buy credits ($0.03 each: $0.02 profit + $0.01 ecosystem liability). Apps charge credits via reserve/settle. Vendors earn credits and payout to fiat (USDC on Solana or bank transfer, $0.01/credit). Get your credentials at: https://officex.app/store/en/developer/
Environments
EnvAPI BaseChat StreamStaging (default)https://staging-backend.cloud.officex.app/v1https://chat-staging.cloud.officex.app/Productionhttps://cloud.officex.app/v1https://chat.cloud.officex.app/
Authentication
ModeHeadersScopeNoneβPublic catalog, vouchers, auth endpointsMaster Keyx-officex-user-id + x-officex-master-keyProfile, installs, wallets, vendor appsInstall Secretx-officex-install-id + x-officex-install-secretBilling: reserve, settle, cancel, inboxInstall Secret (alt)x-officex-user-id + x-officex-app-id + x-officex-install-secretSame as above (alternative lookup)Superadminx-officex-admin-secretFull system (/admin/*) Install Secret is billing only β your app manages its own user authentication separately. The install secret handles the money, your app handles everything else.
Credit Economy
User buys credits β Treasury liability increases (zero-sum: Treasury + all wallets = 0) App reserves credits β Locked from user wallet App sips/settles β Credits move to app wallet Vendor payouts β Credits converted to fiat, Treasury liability decreases
Decimal Credits
Credits support decimals. Rounding up to 1 credit ($0.03) is expensive for small operations: OperationCreditsUser PaysMicro task0.1$0.003Small task0.25$0.0075Medium task0.5$0.015Standard1.0$0.03 Best practice: Price based on actual cost. If an API call costs $0.001, charge ~0.07 credits (2x markup).
Dual Roles
A single OfficeX account can be both Consumer (install and use apps) and Vendor (create apps and earn credits).
Auth (No Auth)
POST /auth/register { email } β { success, message } POST /auth/login { email, password? } β { success, api_key?, user_id? } POST /auth/verify-otp { email, code } β { success, api_key, user_id, wallet_id? } POST /auth/resend { email } β { success, message } POST /auth/forgot-password { email } β { success, message } POST /auth/reset-password { email, code, new_password } β { success, message } POST /auth/set-password { password } [MK] β { success, message } POST /auth/rotate-key { email } β { success, message } POST /auth/confirm-rotate-key { email, code } β { success, api_key } POST /register-user { email } β { user_id, wallet_id, api_key } (legacy) Testing mode: OTP hardcoded to 0000, email sending disabled.
User Profile [Master Key]
GET /users/me β { user: { user_id, email, wallet_id, status } } PATCH /users/me { email? } β { user } POST /users/me/rotate-key { new_master_key } β { success } GET /users/me/vouchers β { vouchers[] }
Installations [Master Key]
GET /users/me/installs β { installs[] } GET /users/me/installs/{id} β { install (with usage stats) } POST /install/{app_id_or_slug} { max_per_hour?, max_per_day?, max_per_month?, allowed_until? } β { app_id, install_id, install_secret, agent_context? } β οΈ secret shown once DELETE /users/me/installs/{id} β { success } PATCH /users/me/installs/{id} { max_per_hour?, max_per_day?, max_per_month?, allowed_until?, lifetime_spend_limit? } β { install } POST /users/me/installs/{id}/rotate-secret β { install_secret } PATCH /users/me/installs/{id}/context { key: val | null } β { agent_context } allowed_until: unix timestamp (-1 = never, default = now + 30d). lifetime_spend_limit: -1 = unlimited. App-scoped routes (Install Secret auth): PATCH /installs/{install_id}/context { key: val | null } β { agent_context } POST /installs/{install_id}/inbox { id, title, text, url?, icon? } β { message_id }
Vendor Apps [Master Key]
GET /users/me/apps β { apps[] } POST /register-app (see full schema below) β { app_id, destination_wallet_id } GET /users/me/apps/{app_id} β { app } PATCH /users/me/apps/{app_id} (see full schema below) β { app } DELETE /users/me/apps/{app_id} β { success } GET /users/me/apps/{app_id}/inbox β { reservations[], pagination? } POST /users/me/apps/{app_id}/inbox/{log_id}/ack β { success } GET /users/me/apps/{app_id}/installs β { installs[] }
Public Catalog (No Auth)
GET /apps β { apps[], pagination? } GET /apps/{app_id} β { app }
Credits & Balance [Master Key]
POST /purchase-credits { amount, payment_method: { type, token }, idempotency_key? } β { credits_added, new_balance, transaction_id } GET /balance β { wallet_id, available, reserved, total }
Reserve & Settle [Install Secret]
POST /reserve { amount, job_id, metadata? } β { reservation_id, amount_reserved } POST /settle { reservation_id, amount, final? } β { settled_amount, remaining_reserved, status } GET /reservations/{id} β { reservation } POST /reservations/{id}/cancel β { refunded_amount, status } POST /reservations/{id}/settle { amount, final? } β { settled_amount, status } final: true = complete + refund remainder. final: false (default) = sip (partial). Reserve errors: INSTALL_EXPIRED, RATE_LIMITED, INSUFFICIENT_FUNDS, DUPLICATE_JOB, LIFETIME_LIMIT_REACHED
Wallets [Master Key]
GET /wallets/{id} β { wallet_id, available, reserved, total, owner_type } GET /wallets/{id}/transactions ?limit=&cursor= β { transactions[], pagination? } GET /wallets/{id}/transactions/{log_id} β { transaction } GET /wallets/{id}/reservations ?direction= β { reservations[] } GET /wallets/{id}/reservations/{resv_id} β { reservation } GET /wallets/{id}/payouts β { payouts[] } GET /wallets/{id}/payouts/{payout_id} β { payout }
Payouts [Master Key]
POST /payout { wallet_id, amount, destination: { type, account_id }, idempotency_key? } β { payout_id, status } Payout state machine: pending β burned β completed | failed (failed = credits restored). Frequency: end of every month. Rate: $0.01 per credit.
Vouchers
GET /vouchers/{code} β { voucher } (No Auth) POST /vouchers/{code}/redeem { wallet_id } β { credits_added } [Master Key]
Chat [Master Key]
GET /users/me/chats ?project_id=&tracer_id= β { threads[] } POST /users/me/chats { title?, project_id?, tracer_id? } β { thread } GET /users/me/chats/{id} β { thread, messages[] } PATCH /users/me/chats/{id} { title?, tracer_id?: string|null } β { thread } DELETE /users/me/chats/{id} β { success } Streaming (Function URL, NOT API Gateway): POST <CHAT_STREAM_URL> Headers: x-officex-user-id, x-officex-master-key Body: { messages[], thread_id?, project_id?, system_prompt?, tracer_id?, include_apps? } Response: text/event-stream (SSE) Stream protocol lines (emitted before SSE data): t:{threadId}\n β resolved thread ID (always emitted) tracer:{tracerId}\n β tracer ID (emitted when tracer_id present in request) s:{json}\n β status updates
Inbox, Prompts, Refs, Uploads [Master Key]
GET /users/me/inbox β { messages[] } GET/POST/PATCH/DELETE /users/me/prompts[/{id}] β prompt CRUD GET /refs/{slug} β { ref } (No Auth) GET/POST /users/me/refs[/{slug}] β ref CRUD [Master Key] POST /uploads/presign { filename, content_type } β { presigned_url, key }
Admin [Superadmin]
All under /admin/* with x-officex-admin-secret: Users: GET /admin/users, GET/PATCH /admin/users/{id}, GET /admin/users/{id}/wallets Apps: GET /admin/apps, GET/PATCH/DELETE /admin/apps/{id} Wallets: GET /admin/wallets, GET /admin/wallets/{id}, POST /admin/wallets/{id}/adjust { amount } Treasury: GET /admin/treasury, POST /admin/reconcile, GET /admin/audit Payouts: GET /admin/payouts, GET /admin/payouts/{id}, POST /admin/payouts/{id}/approve, POST /admin/payouts/{id}/reject Vouchers: POST /admin/vouchers, GET /admin/vouchers, GET/PATCH/DELETE /admin/vouchers/{code}
Error Format
{ "success": false, "error": { "code": "ERROR_CODE", "message": "..." } } CodeHTTPDescriptionUNAUTHORIZED401Missing or invalid auth headersINVALID_SECRET401Secret doesn't match hashINVALID_REQUEST400Malformed request bodyAPP_NOT_FOUND404App doesn't existUSER_NOT_FOUND404User doesn't existWALLET_NOT_FOUND404Wallet doesn't existRESERVATION_NOT_FOUND404Reservation doesn't existINSTALL_NOT_FOUND404Installation doesn't existINSTALL_EXPIRED403Billing authorization expiredRATE_LIMITED429Exceeded rate limitINSUFFICIENT_FUNDS402Wallet balance too lowLIFETIME_LIMIT_REACHED403Cumulative spending exceeds lifetime limitFORBIDDEN403Accessing another user's resourcesDUPLICATE_REQUEST409Idempotency key collisionDUPLICATE_JOB409Job ID already has reservationPREVIOUS_FAILURE409Idempotency collision (failed, use new key)PAYMENT_FAILED402External payment rejectedPAYOUT_FAILED500Fiat transfer failedINTERNAL_ERROR500Unexpected server error
Using 3rd Party Apps
Whenever you use an app on OfficeX, you can grab the agent_context from the app installation. This may give you app secrets to interact with their REST API. However, not all apps might have it. Every app has their own skill.md that you can copy online or request via OfficeX API.
1. Create Your App
Endpoint: POST /register-app [Master Key] { name: string, // Required: 3-50 chars description?: string, price_type?: "FREE" | "PAY_PER_USE" | "ONE_TIME" | "SUBSCRIPTION" | "MIXED", webhook_url?: string, // HTTPS URL for lifecycle events suggested_rate_limits?: { max_per_hour?, max_per_day?, max_per_month?, expires_at? }, minimum_rate_limits?: { max_per_hour?, max_per_day?, max_per_month?, expires_at? }, subtitle?: string, // Max 200 chars category?: string, // Max 50 chars developer?: string, app_url?: string, iframe_url?: string, // URL for embedded iframe experience support_url?: string, contact_email?: string, context_prompt?: string, // AI agent instructions (max 5000 chars) documentation?: string, // API docs for AI agent (max 50000 chars) pricing_lines?: string[], // Max 10 items, 100 chars each tags?: string[], // Max 10 icon?: { type: "emoji" | "image", content: string }, inAppPurchases?: boolean } // Response (201): { success, app_id, destination_wallet_id, message } Example: curl -X POST https://cloud.officex.app/v1/register-app \ -H "Content-Type: application/json" \ -H "x-officex-user-id: $OFFICEX_USER_ID" \ -H "x-officex-master-key: $OFFICEX_API_KEY" \ -d '{ "name": "Lead Enrichment Pro", "description": "Enrich B2B leads with company data", "price_type": "PAY_PER_USE", "subtitle": "B2B lead enrichment powered by AI", "category": "Marketing", "developer": "Acme Corp", "webhook_url": "https://myapp.com/webhooks/officex", "iframe_url": "https://myapp.com/officex", "documentation": "## API Reference\n\nThis app enriches leads...", "context_prompt": "This app enriches B2B leads. When the user asks to enrich leads, call the /enrich endpoint.", "suggested_rate_limits": { "max_per_hour": 50, "max_per_day": 200, "max_per_month": 2000 }, "pricing_lines": ["5 credits per lead enrichment", "Bulk discount: 3 credits for 10+ leads"] }' Each app gets a discrete wallet (destination_wallet_id). Earnings go there, not your personal wallet. documentation is injected into the AI chat agent's system prompt. context_prompt provides additional instructions for the AI agent.
2. Update Your App
Endpoint: PATCH /users/me/apps/{app_id} [Master Key] β All fields optional, set to null to clear: { name?, description?, price_type?, webhook_url?, iframe_url?, app_url?, subtitle?, category?, developer?, support_url?, contact_email?, context_prompt?, documentation?, pricing_lines?, tags?, icon?, previews?, icon_url?, preview_images?, youtube_url?, suggested_rate_limits?, minimum_rate_limits?, inAppPurchases? }
3. List App's Installs (Vendor View)
Endpoint: GET /users/me/apps/{app_id}/installs [Master Key] // Response (200) { success: true, installs: Array<{ user_id: string, install_id: string, nickname?: string, status: string, installed_at: string, max_per_hour: number, max_per_day: number, max_per_month: number, allowed_until: number, usage: { hour: number, day: number, month: number } }> }
Installation Flow (When Users Install Your App)
When a user installs your app, OfficeX: Creates an Installation Record linking user to app Generates an Install ID and Install Secret (scoped billing credentials) Sets rate limits (user-specified or your suggested defaults) Sets allowed_until expiry (default: 30 days, or -1 for no expiry) Fires an INSTALL webhook to your webhook_url (if configured) The install endpoint accepts both app_id (UUID) and slug (string) in the path parameter.
Webhook Events
Your app receives lifecycle events at webhook_url. Envelope: { event, payload, uuid }. INSTALL Event: { "event": "INSTALL", "payload": { "install_id": "uuid-of-installation", "install_secret": "base64url-encoded-secret", "user_id": "uuid-of-user", "app_id": "uuid-of-your-app", "email": "user@example.com", "timestamp": "2025-01-25T10:30:00Z" }, "uuid": "unique-request-id" } UNINSTALL Event: payload: { install_id, user_id, app_id, timestamp } RATE_LIMIT_CHANGE Event: payload: { install_id, user_id, app_id, max_per_hour, max_per_day, max_per_month, allowed_until, timestamp } Webhook Response: Your response for INSTALL can include agent_context (only this key is extracted). Values are stored on the installation and injected into the user's AI agent prompt: { "agent_context": { "api_key": "sk-abc123", "workspace_id": "ws-456", "base_url": "https://myapp.com/api/v1" } } Delivery: POST, application/json, 25s timeout, fire-and-forget (no retries in v1). Note: Not all apps need a webhook. Apps where the user supplies their own credentials (e.g., Telegram bot token) can skip the webhook entirely and use PATCH /installs/{install_id}/context from within the app UI post-install. See Agent Context for details.
The Reserve β Sip β Settle Pattern
βββββββββββββββ βββββββββββββββ βββββββββββββββ β RESERVE ββββββΊβ SIP ββββββΊβ SETTLE β β Lock funds β β Progressiveβ β Finalize β β for job β β billing β β + refund β βββββββββββββββ βββββββββββββββ βββββββββββββββ β βΌ (if job fails) βββββββββββββββ β CANCEL β β Full refundβ βββββββββββββββ
Reserve (Lock Funds)
POST /reserve [Install Secret] // Request { amount: number, job_id: string, metadata?: Record<string, unknown> } // Response (200) { success: true, reservation_id: string, amount_reserved: number } curl -X POST https://cloud.officex.app/v1/reserve \ -H "Content-Type: application/json" \ -H "x-officex-install-id: $INSTALL_ID" \ -H "x-officex-install-secret: $INSTALL_SECRET" \ -d '{ "amount": 10, "job_id": "lead-enrich-job-12345", "metadata": { "leads_count": 50 } }' Internally: user's wallet.available decreases, wallet.reserved increases, creates RESV#<job_id>. Error CodeMeaningINSTALL_EXPIREDallowed_until timestamp has passedLIFETIME_LIMIT_REACHEDCumulative spending exceeds limitRATE_LIMITEDHourly/daily/monthly limit exceededINSUFFICIENT_FUNDSNot enough available creditsDUPLICATE_JOBThis job_id already has a reservation
Sip (Progressive Settlement)
POST /reservations/{reservation_id}/settle (or POST /settle) [Install Secret] // Request (partial) { amount: number, final: false } // Response (200) { success: true, settled_amount: number, remaining_reserved: number, status: "partial" } Example β enriching 100 leads: Reserve 100 credits βββ Sip 10 (processed 10 leads) β settled: 10, reserved: 90 βββ Sip 10 (processed 20 leads) β settled: 20, reserved: 80 βββ Sip 10 (processed 30 leads) β settled: 30, reserved: 70 βββ Settle final 70 β settled: 100, reserved: 0, status: "completed"
Settle (Final)
// Request (final) { amount: number, final: true } // Response (200) { success: true, settled_amount: number, remaining_reserved: number, status: "completed" } Remaining reserved funds (if any) are refunded to user. Credits move to your app's wallet.
Cancel (Full Refund)
POST /reservations/{reservation_id}/cancel [Install Secret] // Response (200) { success: true, refunded_amount: number, status: "cancelled" }
Rate Limits & Allowances
Rate limits are per (user, app) pair β each installation has independent limits. WindowDefaultDescriptionHourly100 reservationsResets each hourDaily300 reservationsResets each dayMonthly1000 reservationsResets each month Minimum rate limits (developer-set floor): Users cannot go below these values. allowed_until: Unix timestamp (-1 = never expires, default = now + 30 days). When expired, all /reserve calls fail with INSTALL_EXPIRED. Enables pseudo-subscription billing. lifetime_spend_limit: Total credits an app can ever charge across all time. Set to -1 for unlimited. Fails with LIFETIME_LIMIT_REACHED when exceeded. App TypeSuggested HourlyDailyMonthlyLead enrichment502002000Data export1050200AI generation201001000Real-time lookup1005005000
Agent Context (AI Chat Integration)
When users chat with OfficeX AI, the agent receives your app's documentation and context_prompt. Store per-install credentials via: PATCH /users/me/installs/{install_id}/context [Master Key] or PATCH /installs/{install_id}/context [Install Secret] // Request: Record<string, string | null> (null deletes key) { "api_key": "sk-abc123", "workspace_id": "ws-456" } // Response (200) { success: true, agent_context: { "api_key": "sk-abc123", "workspace_id": "ws-456" } } Validation: Max 50 keys, 200 chars/key, 1000 chars/value. Two patterns for setting agent_context: Webhook-response (auto): Return credentials in your INSTALL webhook response β auto-applied as agent_context. Best for apps that provision credentials server-side on install. Post-install from app UI (manual): App collects credentials from the user inside its own iframe/UI after install, then PATCHes them via install secret auth. Best for apps where the user supplies their own API key/token (e.g., Telegram bot token, OpenAI key, Stripe key). Flow: User installs app (no extra params needed) User opens app β enters their credentials in the app's UI App calls PATCH /installs/{install_id}/context with install secret auth Credentials are stored on the installation β available to AI agent via load_app_skill # App-side context update (install secret auth) PATCH /v1/installs/{install_id}/context Headers: X-Officex-Install-Id: {install_id}, X-Officex-Install-Secret: {install_secret} Body: { "telegram_bot_token": "123456:ABC-DEF..." } β { success: true, agent_context: { "telegram_bot_token": "123456:ABC-DEF..." } }
Sending Inbox Messages
Notify users about job status, results, or important updates: POST /installs/{install_id}/inbox [Install Secret] // Request { id: string, // Idempotency key (unique per app+user) title: string, // Max 200 chars text: string, // Max 2000 chars url?: string, // Link to results icon?: string // Icon URL } // Response (201) β New message { success: true, message_id: string } // Response (200) β Deduplicated { success: true, message_id: string, deduplicated: true } curl -X POST https://cloud.officex.app/v1/installs/$INSTALL_ID/inbox \ -H "Content-Type: application/json" \ -H "x-officex-install-id: $INSTALL_ID" \ -H "x-officex-install-secret: $INSTALL_SECRET" \ -d '{ "id": "job-12345-complete", "title": "Lead Enrichment Complete", "text": "Successfully enriched 50 leads. 3 could not be found.", "url": "https://myapp.com/results/12345" }'
Pattern 1: Free Apps
No reservations needed. Use inbox messages to communicate.
Pattern 2: One-Time Purchase
Reserve and settle immediately for discrete actions: const reservation = await reserve({ amount: 0.5, job_id: `enrich-${leadId}` }); const result = await enrichLead(leadId); await settle({ amount: 0.5, final: true });
Pattern 3: Usage-Based (Progressive Sip)
For long-running jobs, bill incrementally: const reservation = await reserve({ amount: 10, job_id: `batch-${batchId}` }); for (const item of items) { await processItem(item); await settle({ amount: 0.1, final: false }); // sip per item } await settle({ amount: 0, final: true }); // finalize, refund unused
Pattern 4: Subscription-like
Use allowed_until for time-based access: if ( install.allowed_until !== -1 && Date.now() / 1000 >= install.allowed_until ) { return { error: "Please renew your subscription" }; }
Pattern 5: Internal Credits System (Recommended)
Decouple your app from OfficeX API by maintaining your own internal ledger: Reserve + settle OfficeX credits in bulk Mint equivalent internal credits in your DB Your app logic consumes internal credits only β no OfficeX API calls during normal operation OfficeX Credits (external) Your App Credits (internal) βββββββββββββββββββββββ βββββββββββββββββββββββ β User's OfficeX β reserve β β β wallet ββββββββββββββΊβ (funds locked) β β β settle β Internal ledger β β ββββββββββββββΊβ += settled amount β β β β App consumes from β β β β internal ledger β βββββββββββββββββββββββ βββββββββββββββββββββββ async function settleAndMintCredits( reservationId, installId, installSecret, amount, final, userId, ) { const result = await fetch( `https://cloud.officex.app/v1/reservations/${reservationId}/settle`, { method: "POST", headers: { "Content-Type": "application/json", "x-officex-install-id": installId, "x-officex-install-secret": installSecret, }, body: JSON.stringify({ amount, final }), }, ).then((r) => r.json()); if (!result.success) throw new Error(result.error.message); await db.internalCredits.increment(userId, amount); return result; } // Reserve a block, settle immediately, user spends internal credits freely const reservation = await reserve({ amount: 50, job_id: `session-${sessionId}`, }); await settleAndMintCredits( reservation.reservation_id, installId, installSecret, 50, true, userId, ); // Now user has 50 internal credits β no more OfficeX API calls needed Benefits: decoupled from API availability, flexible internal pricing, auditability, batch funding, simpler error handling.
Frontend Integration (Iframe Embedding)
When users launch your app from OfficeX, it loads in an iframe with credentials as URL params: https://your-app.com/officex?officex_customer_id={user_id}&officex_install_id={install_id}&officex_install_secret={install_secret}
Extracting Credentials
JavaScript/TypeScript: const params = new URLSearchParams(window.location.search); const customerId = params.get("officex_customer_id"); const installId = params.get("officex_install_id"); const installSecret = params.get("officex_install_secret"); if (!installId || !installSecret) { showError("Please access this app through the OfficeX app store"); return; } sessionStorage.setItem("officex_install_id", installId); sessionStorage.setItem("officex_install_secret", installSecret); Python (Flask): @app.route('/officex') def officex_entry(): install_id = request.args.get('officex_install_id') install_secret = request.args.get('officex_install_secret') if not install_id or not install_secret: return "Please access this app through OfficeX", 403 session['officex_install_id'] = install_id session['officex_install_secret'] = install_secret return render_template('app.html')
Required: Allow OfficeX to Embed Your App
Your app must allow the OfficeX domain to embed it via iframe: Content-Security-Policy: frame-ancestors 'self' https://officex.app https://*.officex.app Next.js (next.config.js): module.exports = { async headers() { return [ { source: "/:path*", headers: [ { key: "Content-Security-Policy", value: "frame-ancestors 'self' https://officex.app https://*.officex.app", }, ], }, ]; }, }; Express.js: app.use((req, res, next) => { res.setHeader( "Content-Security-Policy", "frame-ancestors 'self' https://officex.app https://*.officex.app", ); next(); }); Without this header: blank screen or console errors about "refused to frame." Security: Never expose install_secret to users (use sessionStorage, not localStorage) Validate on backend for sensitive operations HTTPS required Handle missing params gracefully (users may bookmark deep links)
Webhook Authentication Flow (SSO)
The INSTALL webhook enables seamless single sign-on: User clicks "Install" β OfficeX POSTs webhook β Your app creates/links user β Returns agent_context β User launches iframe β Lookup by install_id β Authenticated!
Implementing onInstall Authentication
Step 1: Handle webhook: app.post("/webhooks/officex", async (req, res) => { const { event, payload, uuid } = req.body; if (event === "INSTALL") { const { install_id, install_secret, user_id, app_id, email } = payload; let user = await db.users.findOne({ officex_user_id: user_id }); if (!user) { user = await db.users.create({ officex_user_id: user_id, officex_install_id: install_id, created_at: new Date(), }); } else { await db.users.update( { officex_user_id: user_id }, { officex_install_id: install_id }, ); } // Return agent_context β credentials the AI agent needs to call your API res.json({ agent_context: { user_token: user.apiToken, base_url: "https://myapp.com/api/v1", }, }); } else { res.json({ received: true }); } }); Step 2: Look up user when iframe loads: app.get("/officex", async (req, res) => { const installId = req.query.officex_install_id; const customerId = req.query.officex_customer_id; const user = await resolveUser(installId, customerId); req.session.user = user; req.session.officex = { install_id: installId, install_secret: req.query.officex_install_secret, }; res.redirect("/dashboard"); });
Handling Webhook Failures
Webhooks are fire-and-forget (no retries). Always have a fallback: async function resolveUser(installId, customerId) { // Try install_id first (most specific) let user = await db.users.findOne({ officex_install_id: installId }); if (user) return user; // Fall back to customer_id (they might have reinstalled) user = await db.users.findOne({ officex_user_id: customerId }); if (user) { await db.users.update({ id: user.id }, { officex_install_id: installId }); return user; } // No user found β create on-the-fly return await db.users.create({ officex_user_id: customerId, officex_install_id: installId, created_at: new Date(), }); }
Fault Tolerance
Your app should treat OfficeX as an external payment layer, not a core dependency. Principles: Wrap all OfficeX API calls in try/catch with timeouts (3-5 seconds) Your app should function if all OfficeX code was removed β OfficeX is how you get paid, not your runtime Use the Internal Credits pattern (Pattern 5) for maximum resilience Resilient billing wrapper: async function safeReserve(installId, installSecret, amount, jobId) { try { const res = await fetch("https://cloud.officex.app/v1/reserve", { method: "POST", headers: { "Content-Type": "application/json", "x-officex-install-id": installId, "x-officex-install-secret": installSecret, }, body: JSON.stringify({ amount, job_id: jobId }), signal: AbortSignal.timeout(5000), }).then((r) => r.json()); if (!res.success) { console.error(`OfficeX reserve failed: ${res.error?.code}`, res.error); return res; } return res; } catch (err) { console.error("OfficeX API unreachable, queuing for retry:", err.message); await billingRetryQueue.enqueue({ installId, amount, jobId, attemptedAt: new Date(), }); return { success: false, error: { code: "OFFICEX_UNREACHABLE", message: err.message }, }; } } Error handling for reservations: async function reserveWithRetry(installId, amount, jobId) { try { return await reserve(installId, amount, jobId); } catch (error) { if (error.code === "INSTALL_EXPIRED") { await sendInboxMessage(installId, { id: `renew-${jobId}`, title: "Authorization Expired", text: "Please renew your authorization to continue.", }); } if (error.code === "INSUFFICIENT_FUNDS") { await sendInboxMessage(installId, { id: `topup-${jobId}`, title: "Low Balance", text: `Need ${amount} credits. Please top up.`, }); } if (error.code === "RATE_LIMITED") { await sendInboxMessage(installId, { id: `ratelimit-${jobId}`, title: "Rate Limit Reached", text: "You've hit your usage limit for this period.", }); } throw error; } } Practical guidelines: Set aggressive timeouts (3-5 seconds) on all OfficeX API calls If reserve fails, consider letting user proceed and retrying billing later Webhooks are fire-and-forget β always have a fallback path (create users on-the-fly from iframe params) Consider a simple toggle to disable OfficeX billing during development/testing Log OfficeX errors instead of throwing unhandled exceptions
Complete Integration Example
1. Register app: curl -X POST https://cloud.officex.app/v1/register-app \ -H "Content-Type: application/json" \ -H "x-officex-user-id: $OFFICEX_USER_ID" \ -H "x-officex-master-key: $OFFICEX_API_KEY" \ -d '{ "name": "My Awesome App", "price_type": "PAY_PER_USE", "webhook_url": "https://myapp.com/webhooks/officex", "iframe_url": "https://myapp.com/officex", "documentation": "## API\n\nCall POST /api/enrich with {leadId} to enrich a lead.", "context_prompt": "This app enriches leads. Use the /api/enrich endpoint." }' 2. Handle webhook: app.post("/webhooks/officex", async (req, res) => { const { event, payload } = req.body; if (event === "INSTALL") { const user = await db.users.upsert({ officex_user_id: payload.user_id, officex_install_id: payload.install_id, officex_install_secret: payload.install_secret, email: payload.email, }); return res.json({ agent_context: { api_key: user.apiKey, base_url: "https://myapp.com/api/v1", }, }); } res.json({ ok: true }); }); 3. Handle iframe entry: app.get("/officex", async (req, res) => { const user = await resolveUser( req.query.officex_install_id, req.query.officex_customer_id, ); req.session.user = user; req.session.officex = { install_id: req.query.officex_install_id, install_secret: req.query.officex_install_secret, }; res.redirect("/dashboard"); }); 4. Bill from your app: app.post("/api/enrich-lead", async (req, res) => { const { install_id, install_secret } = req.session.officex; const { leadId } = req.body; const reservation = await safeReserve( install_id, install_secret, 5, `enrich-${leadId}-${Date.now()}`, ); if (!reservation.success) return res.status(400).json({ error: reservation.error }); const enrichedData = await enrichLead(leadId); await fetch( `https://cloud.officex.app/v1/reservations/${reservation.reservation_id}/settle`, { method: "POST", headers: { "Content-Type": "application/json", "x-officex-install-id": install_id, "x-officex-install-secret": install_secret, }, body: JSON.stringify({ amount: 5, final: true }), }, ); res.json({ success: true, data: enrichedData }); });
Quick Start Workflows
Consumer β Register + Fund + Install: curl -X POST $BASE/auth/register -d '{"email":"user@example.com"}' curl -X POST $BASE/auth/verify-otp -d '{"email":"user@example.com","code":"0000"}' # β { api_key, user_id, wallet_id } curl -X POST $BASE/purchase-credits -H "x-officex-user-id: $UID" -H "x-officex-master-key: $KEY" \ -d '{"amount":1000,"payment_method":{"type":"stripe","token":"tok_xxx"}}' curl -X POST $BASE/install/$APP_ID -H "x-officex-user-id: $UID" -H "x-officex-master-key: $KEY" # β { install_id, install_secret } Developer β Register App + Billing: curl -X POST $BASE/register-app -H "x-officex-user-id: $UID" -H "x-officex-master-key: $KEY" \ -d '{"name":"My App","price_type":"PAY_PER_USE","webhook_url":"https://myapp.com/webhooks/officex"}' # β { app_id, destination_wallet_id } # From app server (using install secret from webhook): curl -X POST $BASE/reserve -H "x-officex-install-id: $IID" -H "x-officex-install-secret: $SEC" \ -d '{"amount":10,"job_id":"job-1"}' curl -X POST $BASE/settle -H "x-officex-install-id: $IID" -H "x-officex-install-secret: $SEC" \ -d '{"reservation_id":"RESV#job-1","amount":8,"final":true}' # 2 credits refunded to user, 8 credited to app wallet Vendor Payout: curl -X POST $BASE/payout -H "x-officex-user-id: $UID" -H "x-officex-master-key: $KEY" \ -d '{"wallet_id":"$APP_WALLET","amount":500,"destination":{"type":"stripe","account_id":"acct_xxx"}}'
Tracers (Cross-Thread Correlation)
A tracer_id is a string (format: trc_{timestamp36}-{random}) that links causally-related threads and schedule runs. Use cases: schedule runs weekly β each run creates a thread β all threads share one tracer_id β frontend can render a unified timeline. Where tracer_id appears: Threads: POST /users/me/chats body accepts tracer_id. GET /users/me/chats?tracer_id=trc_xxx filters by tracer. PATCH can set/clear it (null to remove). Schedules: POST /users/me/schedules body accepts tracer_id (auto-generated as trc_* if omitted). All schedule responses include it. Schedule Runs: Each run record includes tracer_id copied from the schedule. Chat Stream: Body accepts tracer_id. Stream protocol emits tracer:{tracerId}\n after t:{threadId}\n. Example flow: Create schedule β tracer_id: "trc_abc123" auto-generated Schedule runs β creates thread with tracer_id: "trc_abc123" Query GET /users/me/chats?tracer_id=trc_abc123 β returns all threads from this schedule
FAQ
How do I test without real money? Use vouchers via admin panel or test voucher codes. Can my app have multiple pricing tiers? Yes. Your app logic decides how many credits to reserve per action. What happens if my webhook is down? Webhooks are fire-and-forget. Handle gracefully by polling installation status or creating users on-the-fly from iframe params. Can I transfer credits between apps I own? No. Credits only flow through reservation/settlement. Each app wallet is independent. How do I handle long-running jobs that fail? Reserve upfront, sip as work completes, cancel on failure (refunds all unsettled credits), send inbox message explaining what happened. How does the AI chat agent interact with my app? The agent receives your documentation and context_prompt. If agent_context has credentials, the agent calls your API via http_request tool. Make sure docs include clear API instructions.
Category context
Workflow acceleration for inboxes, docs, calendars, planning, and execution loops.
Source: Tencent SkillHub
Largest current source with strong distribution and engagement signals.
Package contents
Included in package
1 Docs
- SKILL.md