Solutions · Integrations · Canarlo
Next.js 16, Supabase, TypeScript. For the moment the API stops being friendly — OAuth refresh, rate limits, signed payloads, replay. Typed contracts on every call, dead-letter queues, an audit row per attempt. The connector your CRM vendor calls a roadmap item.
Who this is for
Stripe to NetSuite. HubSpot to the data warehouse. The integration fails on Tuesday and nobody notices until the month-end reconciliation. We ship signed webhooks, dead-letter queues, and an alert that reaches a human before the auditor does.
Customers connect their Shopify, their Xero, their Gmail. OAuth refresh has to be invisible. Rate limits have to be respected. We ship the connector surface as part of the product, not an add-on that breaks under real traffic.
Forty-three Zaps, no documentation, two of them critical to billing. Half built by a contractor who left. We rewrite the integrations into typed TypeScript, observable per call, and you stop paying per-task pricing forever.
What we ship
Foundations
Operator accounts, admin accounts. Email, magic link, TOTP. Every login event logged with IP and user agent. Roles enforced at the database, not in the admin UI.
Customer A's OAuth tokens are unreachable from customer B's session. Tenant boundary enforced at the row. A misrouted query returns nothing — never another tenant's secret.
Every external call captured with target, payload hash, response status, retry count. The trail your compliance team needs the day a vendor disputes an invoice.
Structured JSON logs with secrets redacted. Sentry wired before launch. Per-integration latency, error rate, retry count live on a dashboard from day one.
Every pull request gets a live URL. Tests gate merges. Sandbox-mode credentials run on preview environments — production credentials never leave production.
Your Vercel team, your Supabase project, your domains, your keys. We deploy with your credentials and walk off at handover. No agency-held tokens.
Recent build
Illustrative scope
A typed integration layer between Stripe, HubSpot, and a warehouse. OAuth refresh handled, rate limits respected, signed webhooks both directions, dead-letter queue with replay. Six weeks, fixed fee. Same engineer answers the on-call page when an API deprecates next year.
Tech stack
Our process
Step 1
One scoping call. We map every integration — endpoint, auth flow, rate-limit policy, failure mode. Output: a written brief listing every contract. One week.
Step 2
Data model, queue topology, retry policy, idempotency strategy on the page. Replay surface designed. One week. You sign off before code is written.
Step 3
Four to eight weeks. Weekly demo on a real preview URL. Every external call audited from day one. Sandbox credentials before production tokens.
Step 4
Deploy to your cloud, cut over from the legacy Zap, watch the first week of real traffic. Handover doc names the failure mode and the on-call step.
Step 5
Optional retainer — vendor API changes, dependency updates, new connectors as your stack grows. From £500 a month. Same engineer. Cancel any time.
Pricing
Fixed fee, scope written down before billing starts. £15k buys two integrations with OAuth, retry, and a monitoring dashboard. £30k buys five integrations with replay, dead-letter, and a customer-facing connector surface. £50k buys the integration platform — typed contracts, versioned schemas, alerting your on-call rotation respects.
Full pricing rationale and cost breakdown: How much does AI engineering cost?
Frequently asked
Anything with an API. Stripe, HubSpot, Salesforce, Pipedrive, Xero, QuickBooks, Slack, Linear, Notion, Airtable, Postgres, BigQuery, Snowflake. SOAP and XML when the partner is old enough to need it. If a vendor publishes docs, we wire to them. If they don't, we build the polling job or the inbound webhook handler.
Handled. OAuth flow per provider, refresh token rotation before expiry, encrypted storage at rest, audit log on every issuance. If a token revokes mid-run, the workflow pauses and routes a re-auth prompt to the right user. No silent failure, no token graveyard in someone's password manager.
Token-bucket per provider, per credential. Respects the 429 with the Retry-After header instead of guessing. Spikes get queued and drained at the allowed rate. The integration does not become the reason your vendor's compliance team calls. Cost-per-call surfaced in observability so a runaway loop isn't a billing surprise.
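A sketch of the rate-limit behaviour described above, added here as an illustration and not Canarlo's code. The bucket sizes, refill rates, the one-second fallback and all function names are assumptions; time is passed in as milliseconds so the logic can be exercised without a network.

```typescript
type Bucket = { tokens: number; capacity: number; refillPerSec: number; updatedAt: number; blockedUntil: number };

const buckets = new Map<string, Bucket>();

// One bucket per provider, per credential, so one tenant's burst cannot starve another.
function bucketFor(provider: string, credentialId: string, capacity: number, refillPerSec: number, now: number): Bucket {
  const key = `${provider}:${credentialId}`;
  let b = buckets.get(key);
  if (!b) {
    b = { tokens: capacity, capacity, refillPerSec, updatedAt: now, blockedUntil: 0 };
    buckets.set(key, b);
  }
  return b;
}

// Returns 0 if the call may go now, otherwise the milliseconds the caller should queue for.
function acquire(b: Bucket, now: number): number {
  if (now < b.blockedUntil) return b.blockedUntil - now;
  b.tokens = Math.min(b.capacity, b.tokens + ((now - b.updatedAt) / 1000) * b.refillPerSec);
  b.updatedAt = now;
  if (b.tokens >= 1) {
    b.tokens -= 1;
    return 0;
  }
  return Math.ceil(((1 - b.tokens) / b.refillPerSec) * 1000);
}

// Retry-After is either delta-seconds or an HTTP-date. Returns ms to wait, or null if unusable.
function parseRetryAfter(value: string | null, now: number): number | null {
  if (value === null) return null;
  const v = value.trim();
  if (/^\d+$/.test(v)) return Number(v) * 1000;
  const at = Date.parse(v);
  return Number.isNaN(at) ? null : Math.max(0, at - now);
}

// On a 429 the server's deadline overrides the local estimate for this credential.
function on429(b: Bucket, retryAfter: string | null, now: number, fallbackMs = 1000): number {
  const wait = parseRetryAfter(retryAfter, now) ?? fallbackMs;
  b.blockedUntil = Math.max(b.blockedUntil, now + wait);
  b.tokens = 0;
  b.updatedAt = b.blockedUntil; // no refill credit accrues while blocked
  return wait;
}
```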
Dead-letter queue on every outbound integration, surfaced in the admin with the payload and the error. Replay from the UI once the upstream is healthy — idempotency keys mean a replay doesn't double-write. Inbound webhooks verified with HMAC and stored raw before processing. Nothing is lost to a transient outage.
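A sketch of the inbound path described above (store raw, verify the HMAC, apply at most once), added here as an illustration and not Canarlo's code. The signing scheme (HMAC-SHA256 over `timestamp.body`, hex encoded), the five-minute tolerance, the secret, and the in-memory stores standing in for database tables are all assumptions.

```typescript
import { createHmac, timingSafeEqual } from "node:crypto";

// Constructed sample secret; a real one is issued by the sending provider.
const SECRET = "whsec_constructed_example";
const TOLERANCE_S = 300; // assumed freshness window for signed timestamps

type Verdict = "processed" | "duplicate" | "bad_signature" | "stale";

// Stand-ins for database tables: raw inbound bodies and already-applied event ids.
const rawStore: { receivedAt: number; body: string; verdict: Verdict | null }[] = [];
const applied = new Set<string>();

// The timestamp is bound into the MAC so it cannot be altered independently of the body.
function sign(timestamp: number, rawBody: string, secret: string): string {
  return createHmac("sha256", secret).update(`${timestamp}.${rawBody}`).digest("hex");
}

function check(rawBody: string, timestamp: number, signature: string, now: number): Verdict {
  const expected = Buffer.from(sign(timestamp, rawBody, SECRET), "hex");
  const given = Buffer.from(signature, "hex");
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  if (given.length !== expected.length || !timingSafeEqual(given, expected)) return "bad_signature";
  if (Math.abs(now - timestamp) > TOLERANCE_S) return "stale";
  // Parse only after the MAC checks out; the event id doubles as the idempotency key.
  const eventId = JSON.parse(rawBody).id as string;
  if (applied.has(eventId)) return "duplicate";
  applied.add(eventId);
  return "processed";
}

function handleWebhook(rawBody: string, timestamp: number, signature: string, now: number): Verdict {
  const row = { receivedAt: now, body: rawBody, verdict: null as Verdict | null };
  rawStore.push(row); // stored raw before any verification or parsing
  row.verdict = check(rawBody, timestamp, signature, now);
  return row.verdict;
}
```

The MAC is computed over the exact bytes received, so the handler must be given the unparsed request body; re-serialising parsed JSON changes the bytes and fails verification.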
Your infrastructure. Vercel and Supabase by default, self-host if you prefer. Credentials in your secret store, logs in your account, billing direct to you. No Canarlo SaaS in the request path. If we disappear tomorrow, the integration keeps running until something upstream breaks.
Start here
Twenty-minute call to map your endpoints. Proposal in your inbox inside forty-eight hours.