Overview
When your business teams want to use &Open for customer gifting, employee recognition, or event management, they'll likely need your help to get the integration working. This guide explains the technical options available, what each one requires from your team, and how &Open supports you through setup. Most integrations are straightforward and well-documented — your &Open contact will be with you every step of the way.
Integration options and what they involve
Salesforce integration
The &Open Salesforce integration connects your Salesforce org to &Open's platform, enabling your sales and CS teams to trigger gift invitations based on contact or lead records, with sends managed through the &Open platform. Setup is managed via a connected app configuration. Authentication supports OAuth 2.0 or JWT bearer token.
What you'll need to configure: a connected app configuration, permission sets for users, API access enabled, and field-level security review for any contact data passed to &Open.
Typical setup time: 1–2 weeks. &Open provides detailed configuration documentation and a technical contact for your Salesforce admin.
HubSpot integration
The &Open HubSpot integration connects via a HubSpot Private App and webhook configuration. Once set up, it allows your marketing and CS teams to trigger gift invitations through HubSpot workflows based on contact properties, deal stages, or list membership.
What you'll need to configure: Private App creation in HubSpot (Super Admin required), scopes review (crm.objects.contacts read/write), and confirmation of data residency requirements.
Typical setup time: a few days. Largely self-serve for HubSpot admins with &Open's setup guide.
HRIS integration via Merge.dev
&Open connects to HRIS platforms (Workday, BambooHR, Personio, HiBob, and others) via Merge.dev, a unified HR API. This enables HR teams to trigger employee gifts automatically based on lifecycle events — start dates, anniversaries, and more.
What you'll need to configure: API credentials or OAuth approval for your HRIS, a review of which employee data fields are shared (typically: name, email, start date, manager), and confirmation with your DPO or legal team on data sharing scope.
Typical setup time: 1–2 weeks. &Open and Merge.dev provide joint technical documentation.
Direct API integration
&Open offers a JSON:API-compliant API with Bearer Token authentication for teams that want to build a custom integration — connecting an internal CRM, events platform, or data warehouse directly to &Open's gifting engine. The API supports sending gift invitations, checking redemption status, and managing recipient lists programmatically.
What you'll need to configure: secure storage of the Bearer Token (e.g. in your secrets manager), network egress rules to allow outbound calls to api.andopen.co, and a review of your data classification policy for any PII passed in API calls.
Typical setup time: 1–3 weeks depending on integration complexity. Full API documentation is available from your &Open contact.
Security and data considerations
Data in transit — all &Open API calls use TLS 1.2+. No data is transmitted over unencrypted channels.
Authentication — The Salesforce integration uses OAuth 2.0 or JWT bearer token. The HubSpot integration uses a Private App access token. Direct API integrations use Bearer Tokens; tokens should be stored in a secrets manager, not in application code.
Data minimization — &Open only requires name, email address, and (for HR integrations) start date. No financial, health, or sensitive personal data is needed.
Data residency — &Open data is hosted in AWS USA. For the latest information on data residency options, contact your &Open Customer Success Manager. Confirm requirements with your DPO before setup.
SSO — &Open supports SAML 2.0 SSO for enterprise customers. Contact your &Open account manager to enable this.
Penetration testing — &Open undergoes annual third-party penetration testing. Reports are available under NDA on request.
Integration comparison
Integration | Auth method | IT involvement | Typical setup time |
Salesforce | OAuth 2.0 / JWT | Medium — connected app config, permission sets | 1–2 weeks |
HubSpot | Private App token | Low — Private App creation by Super Admin | A few days |
HRIS (Merge.dev) | OAuth 2.0 / API key | Medium — HRIS API credentials, data field review | 1–2 weeks |
Direct API | Bearer Token | High — custom build, secrets management, egress rules | 1–3 weeks |
Getting started
Your business team (sales, CS, HR, or marketing) will initiate the request and nominate an IT or admin contact.
Your &Open contact will share integration documentation and a technical checklist specific to your chosen integration.
Review data sharing scope with your DPO or legal team before configuration begins.
Work through the technical setup with your &Open contact — they have a dedicated technical onboarding team for integration queries.
Run a test send to validate the integration end-to-end before going live.
Have technical questions before committing to a setup? Email hello@andopen.co and ask to speak with the &Open integrations team.