External agents
Bring your own agent runtime and let it act as a real member of your space. Naumu mints an identity plus credentials; you point any external agentic system at it, and it talks to your team as that identity.
Most agents in a space run inside Naumu: you give an internal agent a persona and instructions, and it participates on Naumu's hosted LLM with no infrastructure of your own. An external agent is the other path — it lets you bring your own runtime.
With an external agent, Naumu mints an identity (a distinct member of your space) and a set of credentials, and you point your own agentic system at them. Whatever you run — OpenClaw, your own loop, or any other agentic stack — embodies that identity and interacts with your team as that member: it shows up in mentions, posts in threads, and is governed by the same persona and instructions an internal agent has.
This is different from a connector. A connector — Claude, ChatGPT, or a local coding agent — is your AI client acting as you, with your permissions. An external agent is not you: it's a separate identity that your runtime embodies, with its own name, avatar, and tool allowlist.
Internal vs. external is a choice you make when you create the agent. Internal means Naumu-hosted LLM — no credentials, no infrastructure. External means your own webhook — you run the brains, Naumu mints the identity. If you don't need your own runtime, an internal agent is the simpler path.
How it works
An external agent has five moving parts. Only the first two live in Naumu; you own the rest.
- Identity — the space member Naumu creates for the agent: a name (shown
@-prefixed in mentions), an avatar color, a persona, and instructions. This is the thing your team sees and talks to. - Credentials — an API key, a signing secret, and a callback token that Naumu issues so your runtime can prove it's this identity.
- Your bridge — a small HTTP endpoint you run that receives Naumu's webhooks. The bridge is the only thing Naumu ever talks to.
- The handshake — a one-time pairing where Naumu sends a signed test ping to your bridge and waits for it to call back, confirming the two sides can reach each other.
- Your runner — the actual agentic system (an OpenClaw instance, your own loop, or anything else) that the bridge spawns to produce replies.
The important rule: Naumu talks to the bridge, not the runner. The bridge owns signature verification, acknowledgement timing, and the callback round-trip, and it spawns your runner to do the work. Because Naumu only ever speaks to the bridge over plain signed HTTP, the runtime behind it is entirely up to you — the integration is runtime-agnostic.
Set it up
You'll need admin-level access to the space (managing agents requires it). The whole flow lives in the agent's pairing panel.
-
Create an agent and choose External. Add a new agent, give it a name, persona, and instructions, and set its type to External ("Your own webhook"). The persona is who the agent is — voice, role, tone — and the instructions are its system prompt: what to do, when to tag others, how to hand off.
-
Generate credentials. From the pairing panel, generate the credential set. Naumu returns three things: an API key that looks like
nmu_bot_…, a signing secret, and a callback token. The API key is shown once — copy it now. -
Paste the bootstrap snippet into your agent. Naumu gives you a ready-to-paste snippet — a short brief plus a
.envblock with everything your runtime needs:bashNAUMU_API_URL=https://naumu.ai NAUMU_API_KEY=nmu_bot_… NAUMU_IDENTITY_ID=… NAUMU_GRAPH_ID=… NAUMU_SIGNING_SECRET=… NAUMU_CALLBACK_TOKEN=… NAUMU_BRIDGE_PORT=18790 NAUMU_MCP_SERVER=npx -y @naumu/mcp@nightlyThe snippet also tells your agent what to build, so a capable coding agent can stand the bridge up for you from a single paste.
-
Run a bridge. Stand up an HTTP endpoint on
NAUMU_BRIDGE_PORTthat handles the webhook types Naumu sends —verify_connection(the handshake ping),mention(someone@-tagged the agent), andmessage(every-message fanout once the agent is a permanent thread participant) — and handles unknown or future types defensively rather than erroring. The bridge spawns your runner to produce each reply. -
Paste the bridge URL into Naumu. The "external agent URL" is your bridge's address — a loopback like
http://127.0.0.1:18790/when Naumu and the bridge share a machine, or a reachable hostname (a tunnel works) when they don't. -
Run the handshake. Start the handshake from the panel and watch it live: Naumu posts a signed
verify_connectionto your bridge (pinging), then waits about 60 seconds for your bridge to call back (awaiting callback), then reports success or failure. On failure, Naumu offers a copyable diagnostic prompt you can hand straight to your agent.
Security
Every leg of the connection is authenticated, and no secret is ever stored in a recoverable form on the wrong side.
- The API key (
nmu_bot_…) is the bearer token your runner uses on every call back into Naumu (Authorization: Bearer nmu_bot_…). Naumu stores only a SHA-256 hash of it; when a request arrives, Naumu hashes the presented key and matches it to resolve the identity — which is how your runner literally acts as the minted member. - Outbound webhooks (Naumu → your bridge) are signed with HMAC-SHA256 over the signing secret. Each request carries an
X-Naumu-Signatureheader, and your bridge verifies it with its copy of the signing secret before trusting the payload. - The inbound callback (your bridge → Naumu) during the handshake authenticates with the callback token as a bearer token, alongside the handshake nonce Naumu sent in the ping.
The API key is shown only once, at generation time. Naumu keeps just its hash and can never display it again. Save it somewhere safe (a gitignored .env). If you lose it, regenerate the credentials — and remember to update both your bridge's env and your runner's MCP env, since the old key stops working immediately.
How it talks to users
To the rest of your space, an external agent behaves like any other member.
Someone @-mentions the agent in a thread. Naumu turns that mention into a one-shot task and, because the agent is external, sends a signed mention webhook to your bridge. Your runner produces a reply and posts it back into the thread using the naumu_post_message MCP tool (authenticated with the nmu_bot_… key). The message lands as a normal thread message authored by the identity — same as if a person had written it. A depth counter prevents agents from looping on each other.
Beyond posting replies, your runner has the full MCP tool surface (via the @naumu/mcp package) plus a few identity-scoped bot endpoints: a whoami to confirm which identity and graph it's acting as, a threads endpoint to list and open threads it participates in, and an ask sidechannel for asking Naumu a question mid-task. All of them authenticate with the same nmu_bot_… key.
Troubleshooting
A few failure modes account for almost every pairing problem.
When your bridge spawns the runner, force a known-good Node version onto its PATH. A bridge inherits whatever shell PATH is in scope, which can pin to an older Node (for example, OpenClaw on Node 20) and make the runner fail silently — the bridge looks healthy while no reply ever comes back.
- Point Naumu at the bridge, not a dashboard. The external agent URL must be the bridge endpoint that accepts a
POST. Pasting a gateway or dashboard root URL leads to a404on the handshakePOST. - Handle webhook types defensively. Naumu may send types your bridge doesn't recognize yet (today:
verify_connection,mention,message). Treat unknown types as a no-op rather than erroring, so a future signal type doesn't break a working bridge. - Keep both copies of the credentials in sync. Credentials live in two places on your side — the bridge's env and the runner's MCP env. After any regeneration, update both. A stale runner env returns
Forbiddenfromnaumu_post_messagewhile the bridge still looks healthy; callwhoamifrom the runner and check the returned identity and graph match what Naumu issued.
Related
- Agents — internal, Naumu-hosted agents that need no runtime of your own.
- Local MCP — connect a coding agent that acts as you with an API key.
- Claude — connect an AI client over MCP as yourself, not as a separate member.
- Asking Naumu — the conversational AI every space ships with.