Lexington Capital — Tech Call Brief

Call Objective

Validate that our pipeline can plug into their Kixie + Salesforce setup with zero disruption
Get Alex (CTO) technically aligned — he hasn't been in the room yet
Walk away with credentials or a clear path to getting them this week

Who's on the Call

Their Stack (Confirmed from First Call)

Name	Role	Why they matter here
Alex	CTO / Tech Lead	Owns Salesforce. First time in the room with us. His buy-in is the gate.
Grizzly (Frank L.)	VP Sales & Ops	Already aligned on the business case. Here to bridge us to Alex.
Corey	Technology / Ops	May join. Manages current Make automations — knows the existing wiring.

INFO What we're integrating with

Salesforce Enterprise — CRM, all rep activity. Alex is the dedicated developer. Non-negotiable.
Kixie — Power dialer. Auto-logs calls to Salesforce. Has call recording.
Make (Integromat) — Current bridge between Kixie → Salesforce (auto-creates tasks).
~70 users, 250-450 calls/rep/day

What We've Already Verified

VERIFIED Kixie endcall webhook

Fires after every completed call
Payload includes recordingurl (MP3), contactid, dealid, disposition, duration
Auth: API Key + Business ID (all Kixie plans include API access)

VERIFIED Salesforce Enterprise REST API

Task creation — POST /sobjects/Task (call summaries linked to Contact/Deal)
Notes — ContentNote (rich text attached to any record)
PDF upload — ContentVersion + ContentDocumentLink
Custom objects — up to 200 (AI scores, compliance flags, etc.)
Server-to-server auth — OAuth 2.0 Client Credentials Flow
Rate limits — 100K base + 1K/user/day (~170K/day for 70 users)

VERIFIED Our pipeline works end-to-end

Already built and tested: Audio upload → AssemblyAI transcription → GPT-4o analysis + scorecard → formatted output. 37-second processing time on 12-min call. What's left is plugging into their systems on both ends.

Questions for Alex

Kixie → Us (Inbound)

ASK Kixie API Key + Business ID

We need these to register our webhook endpoint for the endcall event. Do you have access to Kixie's admin settings, or does someone else manage that?

✎

ASK Are recording URLs publicly accessible?

Kixie's recordingurl in the webhook payload — is it a direct MP3 link we can fetch, or does it require a session/auth header? This determines how we pull the audio into our pipeline.

✎

ASK What does the Make automation do exactly?

We know it bridges Kixie → Salesforce. Specifically: what does it create in SF? Tasks? Activity records? Custom objects? We need to make sure we don't duplicate records when we add our webhook alongside it.

✎

ASK Does Kixie support multiple webhooks on the same event?

We want to add ours without touching the existing Make integration. Can they both fire on endcall, or do we need to daisy-chain through a single endpoint?

✎

Us → Salesforce (Outbound)

ASK Salesforce sandbox environment

Do you have a sandbox org we can develop and test against? We should not be writing to production Salesforce during integration build-out. Standard practice — we build in sandbox, validate, then flip to prod.

✎

ASK Connected App for OAuth Client Credentials

We need a Connected App in Salesforce for server-to-server API access. This gives us a client_id + client_secret — no user sessions required. Has Alex set one of these up before? Can we get this created this week?

✎

ASK Salesforce object model — where do we write?

We need to know exactly where our AI output lands:

Standard Opportunity or custom deal object?
Do they use standard Task for call activity, or a custom object?
Where do call recordings / notes currently live?
Any custom fields we should be aware of? (e.g., disposition, call outcome)

✎

ASK Where should AI analysis live in Salesforce?

Our output per call: transcript, AI summary, coaching notes, score, compliance flags. Options:

Attach as a Task with structured fields + PDF attachment
Write to a custom object (e.g., Call_Analysis__c) linked to Contact/Opportunity
Combination — summary as Task, detailed scorecard as PDF

What would Alex and the reps prefer to see in their SF workflow?

✎

ASK Salesforce file storage — are they near limits?

Enterprise = 10GB files + 2GB/user (~150GB total). If we're attaching PDFs at scale, should we host externally and link? Or do they have plenty of headroom?

✎

ASK IP whitelisting on Salesforce?

Does your Salesforce org restrict API access to whitelisted IPs? If so, we need to provide our server IPs (Vercel edge network) to be added. This can silently block everything if we don't address it upfront.

✎

ASK Existing Salesforce automations / triggers

Do you have Apex triggers, workflow rules, or Process Builder flows that fire when Tasks are created or when records are updated on the objects we'll be writing to? Our API writes could cascade into unexpected behavior if there are existing automations on those objects.

✎

Scope & Expectations

ASK Latency expectation — how fast do results need to appear?

After a call ends, how quickly do you expect the AI analysis to show up in Salesforce? Our current pipeline processes a 12-min call in ~90 seconds. At scale with queuing, expect 2-5 minutes. Is that acceptable, or do you need sub-minute?

✎

ASK Which calls get analyzed?

This is the #1 cost driver. At $0.0065/min transcription + GPT-4o analysis, each 12-min call costs us ~$0.12. Options:

All calls (expensive at scale — 20K/day)
Outbound only
Calls over a minimum duration (e.g., 2+ minutes to filter out voicemails/no-answers)
Specific dispositions only
Manager-selected calls for coaching

✎

ASK Compliance — what are the actual requirements?

Grizzly mentioned compliance monitoring. What regulations? TCPA? State-specific disclosures? Industry rules? What are they checking for today (if anything), and what would they want flagged?

✎

Alex Will Ask — Be Ready

READY "How do you handle our data? Where does audio go?"

Your answer: Audio is uploaded to our secure cloud storage (Supabase, hosted on AWS), sent to AssemblyAI for transcription (SOC 2 Type II certified, HIPAA eligible, data deleted after processing), then analyzed by GPT-4o via OpenAI's API (Enterprise-grade, no training on customer data). We do not store raw audio long-term — it's deleted within 24 hours after processing. Only the text transcript and AI analysis persist, stored in our encrypted database. We can provide a data flow diagram and DPA if needed.

✎

READY "What happens if your system goes down? Do we lose calls?"

Your answer: Kixie webhooks have retry logic — if our endpoint returns a non-200, they'll retry. On our side, we use a job queue pattern: we accept the webhook immediately (sub-second response), then process asynchronously. If processing fails, the job stays in queue for retry. Kixie still records and logs the call to Salesforce via Make as normal — our system is additive, not in the critical path. If we're down, they lose AI analysis on those calls, not the calls themselves.

✎

READY "What Salesforce permissions does your integration need?"

Your answer: Minimal. The Connected App uses OAuth Client Credentials with a scoped permission set. We only need: create Tasks, create ContentNote, create ContentVersion + ContentDocumentLink (for PDFs), and read/write on whatever object they want AI data on. No admin access, no user impersonation, no read access to anything we don't write to. Alex controls the permission set entirely.

✎

READY "Can you work with our existing Salesforce setup without changing anything?"

Your answer: Yes. We write to existing objects (Task, ContentNote) or create new custom objects — Alex's choice. We don't modify existing fields, triggers, or workflows. We're purely additive. If they have existing automations, we'll work around them, not through them.

✎

Open Technical Risks

UNKNOWN Kixie recording URL authentication

If the MP3 URL requires Kixie session auth to download, we need their API key in our pipeline. If it's a signed/public URL, we can fetch directly. This changes our architecture slightly.

✎

UNKNOWN Make webhook conflict

If Kixie only supports one webhook per event, we'd need to either replace Make or route through a single endpoint that fans out. Need to confirm multi-webhook support.

✎

UNKNOWN Salesforce storage at scale

PDF scorecards at high volume could burn through SF file storage. If they're already near capacity, we host PDFs externally and link from SF records instead.

✎

UNKNOWN IP whitelisting on Salesforce

Enterprise orgs commonly restrict API access to whitelisted IPs. Our pipeline runs on Vercel (dynamic IPs across their edge network). If they whitelist, we may need to route through a static IP proxy, or Alex needs to relax restrictions for our Connected App's profile. Could delay integration by days if not caught early.

✎

UNKNOWN Salesforce trigger cascade

If they have Apex triggers or process flows that fire on Task creation, our API writes could trigger unintended side effects (duplicate emails, record updates, workflow failures). Need Alex to confirm what fires on the objects we'll write to.

✎

UNKNOWN Alex's stance

Everything so far has been through Grizzly. Alex may have concerns about third-party API access to their Salesforce, data handling, or security requirements we haven't heard yet. Listen for these.

✎

Walk Away With

NEED Credentials & access (or timeline to get them) Kixie API Key + Business ID Salesforce Connected App credentials (client_id, client_secret, instance URL) Salesforce sandbox access for development Confirmation: recording URLs are fetchable (public or via API key) IP whitelisting status — do we need static IPs? If not today — firm date for when we get these (this week)

NEED Salesforce architecture answers Which SF objects they use for deals/calls (standard or custom) Where AI output should land (Task, custom object, or both) PDF storage approach (SF native vs. external link) Existing triggers/automations on target objects (avoid cascade) Latency expectation confirmed (2-5 min acceptable?)

NEED Scope definition Which calls get analyzed (all, outbound, duration filter, disposition filter) Compliance rules / what to flag Pilot group size and which team

NEED Alex's green light Alex confirms the integration approach is sound No security/compliance blockers from his side Agreement on next step: credentials → we deliver pilot in 2-3 weeks

Architecture Reference (If They Ask)

REF How the pipeline works

Kixie endcall webhook
  │
  ▼
Our System (receives recording URL + call metadata)
  │
  ├─ Download MP3 from recording URL
  ├─ Upload to AssemblyAI for transcription (~90s)
  ├─ GPT-4o analysis (scoring, summary, coaching notes, compliance flags)
  │
  ▼
Salesforce (via OAuth Client Credentials)
  ├─ Create Task with AI summary on Contact/Opportunity
  ├─ Attach PDF scorecard (or link to external)
  └─ Write to custom object fields (scores, flags)

✎

Lexington Capital — Tech Validation Call