Set up Gong service credential
A Gong service credential lets a Glean agent call the Gong REST API as a workspace service account and not as any individual user. You create a Gong API key, an access key and an access key Secret**, store it once in Glean, and the agent can then read Gong data such as calls, transcripts, users, and stats.
Glean handles authentication automatically. The credential is stored encrypted, and the agent never sees the raw key or secret.
- Authentication: Gong API key over HTTP Basic auth
- Scope: Workspace-level, all data the key is authorized for
- Access: Read-only
Prerequisites
- A Technical Administrator role in Gong, which is required to generate API keys.
- A Glean administrator who can create service credentials.
- The Gong template enabled for your deployment. If you do not see Gong in the list of templates, contact your Glean representative to turn it on.
Step 1: Create an API key in Gong
-
Sign in to Gong as a Technical Administrator and go to Company Settings → Ecosystem → API.
-
Click Get API Key. Gong shows an Access Key and an Access Key Secret. Copy both.
ImportantThe Access Key Secret is shown only once. Copy it immediately and store it somewhere safe — Gong can't recover it later. If you lose it, you will have to generate a new key pair.
-
Make sure the key is granted the scopes your agent needs, and only those. For read-only agent use, the common scopes are:
Scope Purpose api:calls:read:basicList and read call metadata api:calls:read:extensiveRead detailed call data api:calls:read:transcriptRead call transcripts api:users:readRead users api:stats:*Read stats
Step 2: Create the service credential in Glean
- In Glean, go to Admin console → Platform → Tools → Service credentials.

- Click Add.
- Select Gong under Service credentials.
- Fill in these fields:
- Credential name: A human-readable name for the credential.
- Description: A brief description of what this credential is used for.
- Access Key: The access key generated in Gong. Used as the Basic auth username.
- Access Key Secret: The access key secret paired with the access key (stored encrypted). Used as the Basic auth password.
- Audience: Which users or groups can attach this credential to agents.
- Select Save. Glean stores the access key secret as an encrypted secret and doesn't display it again.
Step 3: Attach the credential to an agent
When the agent makes a request to api.gong.io, Glean automatically attaches the correct authentication header. The agent also gains a Gong skill that explains how to call the Gong REST API.
-
Go to Agents in Glean.
-
Select the agent to which you want to add the service credentials.
-
In the Tools tab, select Service credentials and select the Gong credential you created.

Verify it works
Ask the agent something that requires Gong data, for example, "summarize my most recent Gong call." If it returns call content, the credential is working.
What the agent can do
With a Gong credential attached, the agent can read from the Gong REST API (https://api.gong.io/v2):
- List and read calls, including detailed call data
- Retrieve call transcripts
- List users
- Read stats
The credential is read-only by policy. Agents are instructed not to perform destructive operations, such as deleting calls, modifying users, or changing workspace settings.
Security and operational notes
- Workspace-scoped and high-privilege: a Gong Access Key is not tied to a single user, it can reach all data its scopes allow across the workspace. Treat it as a sensitive secret and scope it narrowly.
- Injected server-side: the agent runtime never receives the raw Access Key or Secret. Glean adds the authentication header only to requests bound for
api.gong.io. - Rate limits: Gong enforces roughly 3 requests per second, 3 concurrent requests, and 10,000 requests per day per workspace. If Gong returns
429 Too Many Requests, the agent backs off using theRetry-Afterheader. - Rotation: to rotate, generate a new key pair in Gong, update the Access Key and Access Key Secret on the credential in Glean, then revoke the old key in Gong.