Platform Overview

EYELEVEN OS is an AI Workforce Operating System designed for businesses that need intelligent automation at scale. Unlike traditional chatbots that respond to simple FAQs, EYELEVEN deploys autonomous AI employees capable of managing full conversation lifecycles across sales, booking, support, and operations.

Each AI Force operates with its own role definition, tool permissions, memory context, and behavioral guardrails. They interact with customers through any connected channel, execute multi-step workflows, and escalate to human operators when confidence thresholds are not met.

The platform is built on a multi-tenant architecture with workspace isolation, meaning each organization operates in a completely independent environment with its own channels, knowledge bases, workflows, and billing. Designed for teams scaling from one AI employee to hundreds.

Quick Start Guide

Getting your first AI Force operational takes less than 15 minutes. Follow these four steps to go from zero to your first automated conversation.

AI Forces

An AI Force is an autonomous digital employee deployed within your workspace. Each Force has a defined role, personality, set of tools it can invoke, and boundaries it must respect. They are not generic assistants; they are purpose-built workers with specific operational objectives.

Forces operate with persistent memory across conversations, meaning they remember past interactions with the same contact and can reference prior context. They use tool-calling to execute real actions: creating bookings, updating CRM records, triggering workflows, or transferring to human agents.

Available Roles

Each AI Force can be assigned to one or more channels, allowing a single Sales Force to handle WhatsApp and Instagram inquiries simultaneously while maintaining consistent behavior and context.

Neural Credits

Neural Credits are the universal unit of consumption across EYELEVEN OS. Every action your AI Forces take consumes credits proportional to the computational resources required. This model gives you transparent cost control and predictable billing.

Credits are allocated monthly based on your plan tier and reset at each billing cycle. You can monitor real-time usage through the Analytics Dashboard and set alerts at configurable thresholds (50%, 75%, 90%).

Credit Costs per Action

Channels

Channels are the communication endpoints where your AI Forces interact with customers. EYELEVEN provides a unified channel gateway that normalizes messages from any source into a standard format, enabling your Forces to operate identically regardless of the originating platform.

Each channel connection is configured at the workspace level with its own credentials, webhook endpoints, and routing rules. A single workspace can connect multiple channels of the same type (e.g., multiple WhatsApp numbers for different departments).

Supported Channels

Knowledge Base

The Knowledge Base is a vector-indexed document store that AI Forces query in real-time during conversations. When a customer asks a question, the system performs retrieval-augmented generation (RAG) to find the most relevant passages from your uploaded documents and grounds the AI response in factual information.

Supported document types include PDFs, DOCX, plain text, HTML pages, and structured FAQ sheets. Documents are chunked, embedded, and stored with metadata tags for precise retrieval. You can organize documents into categories and assign specific categories to specific AI Forces.

The system also supports auto-generation of knowledge articles from resolved conversations. When an AI Force or human operator resolves a novel issue, EYELEVEN can generate a knowledge article for future reference, continuously expanding your coverage.

Workforce Manager

The Workforce Manager is where you create, configure, and deploy your AI Forces. Each Force is defined by a role template that specifies its system prompt, available tools, channel assignments, escalation rules, and behavioral parameters such as tone, language, and response length preferences.

Configuration includes granular tool permissions that control exactly which actions an AI Force can take. A Sales Force might have access to CRM updates and booking creation but be restricted from issuing refunds. These permissions create a security boundary that prevents unintended autonomous actions.

Forces also include memory configuration: how many past messages to retain in context, whether to persist conversation summaries, and which contact fields to track across interactions. Higher-tier plans support advanced memory with long-term relationship context.

Workflow Builder

The Workflow Builder provides a visual canvas for creating multi-step automation sequences. Workflows are triggered by events (new message, conversation closed, form submitted) or scheduled on intervals (daily reports, follow-up sequences). Each workflow consists of triggers, conditions, and actions connected in a directed graph.

Available action nodes include: send message, update contact, create task, HTTP request, delay, branch (if/else), loop, AI generation, and human approval gates. Conditions can evaluate contact properties, conversation metadata, time-based rules, or custom expressions.

The integrated Copilot assists with workflow creation by suggesting node configurations, auto-generating condition logic from natural language descriptions, and identifying potential logic errors before deployment. Workflows can be version-controlled with rollback support.

{
  "trigger": {
    "type": "event",
    "event": "conversation.message_received",
    "conditions": {
      "channel": "whatsapp",
      "contact.tag": "vip",
      "message.intent": "purchase"
    }
  },
  "actions": [
    { "type": "assign_force", "force_id": "sales-primary" },
    { "type": "add_tag", "tag": "high-intent" },
    { "type": "notify_team", "channel": "slack" }
  ]
}

Operations Inbox

The Operations Inbox is a unified omnichannel interface where your team monitors all conversations happening across channels. Every thread shows the full context: which AI Force is handling it, the customer profile, conversation history, and current status (AI-managed, human-taken, pending, resolved).

Human takeover is seamless. When an operator claims a conversation, the AI Force pauses immediately and the operator sees the full context including AI-generated summaries and suggested responses. When the operator is done, they can hand back to the AI Force with optional instructions.

Additional features include internal notes (visible only to team members), conversation assignments, bulk actions, saved reply templates, SLA timers, and priority queues. Operators can filter by channel, status, AI Force, tags, or custom fields.

Voice Center

The Voice Center extends AI Force capabilities to telephone conversations through integration with Vapi for voice synthesis and recognition. AI Forces can handle inbound calls, make outbound calls for appointment confirmations or follow-ups, and operate within the same behavioral framework as text-based channels.

Every call generates a full transcript that is stored in the conversation thread alongside text messages. Post-call automation can trigger workflows based on call outcomes, such as sending a summary via WhatsApp after a phone conversation or creating a task if an issue was identified.

Voice configuration includes language selection, voice persona (multiple voice options per language), speaking rate, interruption handling, and fallback behavior when the AI cannot understand the caller. Calls can be transferred to human operators in real-time with context handoff.

Analytics Dashboard

The Analytics Dashboard provides real-time visibility into your AI workforce performance. Key metrics include conversation volume, resolution rate, average handling time, human escalation rate, customer satisfaction (inferred from conversation signals), and credit consumption by Force, channel, and action type.

Dashboards are customizable with time-range filters, comparison periods, and breakdown dimensions. You can track ROI by comparing AI-handled conversation costs against equivalent human labor costs for the same volume.

Automated reports can be scheduled for delivery via email or Slack, providing leadership with weekly summaries of AI workforce performance without requiring dashboard access.

WhatsApp Business API

EYELEVEN connects to WhatsApp through the official Cloud API. Setup requires a Meta Business account with a verified WhatsApp Business number. The platform handles webhook registration, message delivery, read receipts, and media handling automatically.

Message templates (required by WhatsApp for outbound conversations outside the 24-hour window) can be managed directly from the platform. EYELEVEN supports text templates, media templates, interactive buttons, and list messages. Template approval status is synced from Meta in real-time.

POST /api/webhooks/whatsapp
Headers:
  X-Hub-Signature-256: sha256=<signature>
  Content-Type: application/json

Verify Token: Configured in Channel Settings
Callback URL: https://app.eyeleven.com/api/webhooks/whatsapp
Subscribed Fields: messages, messaging_postbacks

Payment Processing

Billing and subscription management is powered by Dodo Payments. When a customer subscribes to a plan, Dodo handles the checkout flow, recurring charges, proration on plan changes, and invoice generation. EYELEVEN receives lifecycle webhooks for real-time subscription state synchronization.

The integration supports plan upgrades, downgrades (effective at next billing cycle), trial periods with automatic conversion, and payment failure handling with configurable retry logic. Credit allocations are automatically adjusted when a subscription changes tier.

Webhook Events

CRM & External APIs

EYELEVEN integrates with external systems through outbound webhooks, direct API calls from workflow actions, and incoming webhook triggers. This allows AI Forces and workflows to interact with your CRM, ERP, calendar system, or any REST API endpoint.

Outbound webhooks are configured per event type and include HMAC signature verification for the receiving system to validate authenticity. Retry logic with exponential backoff handles transient failures. Failed deliveries are logged with full request/response details for debugging.

For teams using Zapier or similar automation platforms, EYELEVEN provides a standard webhook endpoint that can receive triggers from external services and route them to specific workflows or AI Forces for processing.

POST https://your-crm.com/api/webhook
Headers:
  X-Eyeleven-Signature: sha256=<hmac_signature>
  X-Eyeleven-Event: contact.updated
  Content-Type: application/json

{
  "event": "contact.updated",
  "workspace_id": "ws_abc123",
  "timestamp": "2025-01-15T10:30:00Z",
  "data": {
    "contact_id": "ct_xyz789",
    "changes": {
      "tags": { "added": ["qualified"], "removed": [] },
      "custom_fields": { "lead_score": 85 }
    }
  }
}

Plans

EYELEVEN offers four plan tiers designed for different stages of growth. All plans include the core platform modules. The primary differentiators are the number of AI Forces, monthly credit allocation, channel slots, and team seats.

The Omnis tier is designed for enterprise deployments requiring custom SLAs, dedicated infrastructure, priority support, and tailored onboarding. Contact sales@eyeleven.com for custom pricing.

Billing & Subscriptions

Subscriptions are billed monthly with automatic renewal. When you upgrade, the price difference is prorated for the remaining days in the current billing cycle and your new limits take effect immediately. Downgrades are scheduled for the next billing cycle to avoid service disruption.

Payment methods include credit/debit cards and select regional payment options depending on your location. Invoices are generated automatically and available in the billing settings. Failed payments trigger a 7-day grace period with email notifications before service suspension.

Cancellation takes effect at the end of the current billing period. Your data is retained for 30 days after cancellation, during which you can reactivate. After 30 days, workspace data is permanently deleted per our data retention policy.

Team Management

Workspace access is controlled through role-based permissions. Each team member is assigned one role that determines their capabilities within the platform. Roles cannot be customized beyond the four predefined levels to maintain security clarity.

Team members are invited via email and must accept the invitation to activate their account. Each workspace has exactly one Owner. Ownership can be transferred to another Admin through workspace settings.

Data Architecture

EYELEVEN uses a multi-tenant architecture built on Supabase (PostgreSQL) with row-level security (RLS) policies enforcing strict workspace isolation. Every database query is scoped to the authenticated workspace, making cross-tenant data access architecturally impossible.

Data at rest is encrypted using AES-256. Data in transit is protected by TLS 1.3. Database backups are encrypted and stored in geographically redundant locations. Point-in-time recovery is available for the trailing 7 days on standard plans and 30 days on Omnis.

Conversation data, knowledge base documents, and contact records are stored in the primary database region. Voice recordings and media files are stored in encrypted object storage with configurable retention policies.

Authentication

User authentication is handled through Supabase Auth with email/password and OAuth providers (Google, GitHub). Sessions are managed with secure, httpOnly cookies and short-lived JWTs. Refresh tokens rotate on each use to prevent session hijacking.

Multi-factor authentication (MFA) via TOTP authenticator apps is available for all accounts and can be enforced at the workspace level by the Owner. SSO integration via SAML 2.0 is available on the Omnis plan for enterprise identity providers.

API access uses long-lived API keys scoped to specific workspaces with configurable permission sets. Keys can be rotated without downtime and revoked immediately. All API key usage is logged for audit purposes.

Compliance

EYELEVEN is built with compliance as a foundational requirement. The platform is GDPR-aligned with data minimization principles, right-to-erasure support, and data processing agreements available for all customers. Contact data can be permanently deleted upon request through the platform or via API.

The SOC 2 Type II certification is in progress with completion expected by Q3 2025. Current controls include access logging, change management, incident response procedures, and regular security assessments. Penetration testing is conducted quarterly by independent security firms.

For customers in regulated industries, EYELEVEN supports data residency requirements through regional deployment options (available on Omnis). Audit logs are retained for a minimum of 12 months and are exportable in standard formats.

API Security

All webhook deliveries from EYELEVEN include an HMAC-SHA256 signature in the X-Eyeleven-Signature header. Your receiving endpoint should validate this signature against your workspace secret to confirm message authenticity and prevent replay attacks.

API rate limits are enforced per workspace: 100 requests/second for standard plans and 500 requests/second for Omnis. Rate-limited responses include Retry-After headers. Webhook deliveries are not rate-limited but are queued with fair scheduling across tenants.

import crypto from "crypto";

function verifyWebhookSignature(
  payload: string,
  signature: string,
  secret: string
): boolean {
  const expected = crypto
    .createHmac("sha256", secret)
    .update(payload)
    .digest("hex");
  return crypto.timingSafeEqual(
    Buffer.from(signature, "hex"),
    Buffer.from(expected, "hex")
  );
}

Role-based access control (RBAC) extends to the API layer. API keys inherit the permissions of the role they are created with. An API key created by an Operator cannot perform Admin-level actions, regardless of the endpoint called.

REST API Overview

The EYELEVEN REST API provides programmatic access to all platform capabilities. The API follows RESTful conventions with JSON request/response bodies, standard HTTP status codes, and predictable resource-oriented URLs.

Base URL: https://api.eyeleven.com/v1

Headers:
  Authorization: Bearer <api_key>
  Content-Type: application/json
  X-Workspace-ID: ws_<workspace_id>

Available Endpoints

All list endpoints support cursor-based pagination with consistent page_size and cursor parameters. Responses include a has_more boolean and next_cursor for traversal. Maximum page size is 100 records.

Webhook Events

EYELEVEN emits webhook events for all significant platform actions. Configure webhook endpoints in your workspace settings and subscribe to specific event types. Each delivery includes the event type, timestamp, workspace context, and the full resource payload.

Event Types

{
  "id": "evt_01HQ3K5N8M2P4R6T",
  "type": "message.received",
  "workspace_id": "ws_abc123",
  "created_at": "2025-01-15T10:30:00.000Z",
  "data": {
    "conversation_id": "conv_xyz789",
    "message_id": "msg_def456",
    "contact_id": "ct_ghi012",
    "channel": "whatsapp",
    "content": {
      "type": "text",
      "body": "I'd like to book an appointment for next Tuesday"
    }
  }
}

Error Codes

The API uses conventional HTTP status codes and returns structured error responses with a consistent format. Every error includes a machine-readable code, a human-readable message, and an optional details object with field-level validation information.

{
  "error": {
    "code": "validation_error",
    "message": "Request body failed validation",
    "status": 422,
    "details": [
      {
        "field": "contact.email",
        "message": "Must be a valid email address"
      }
    ],
    "request_id": "req_01HQ3K5N8M2P4R6T"
  }
}

Common Error Codes

All error responses include a unique request_id that can be provided to support for investigation. Rate limit errors include the retry_after field in seconds. Validation errors include per-field details for precise client-side error handling.