Intercom
The Glean Intercom connector integrates with Intercom's customer communications and ticketing platform, allowing support, customer success, and sales teams to search and ask questions across conversations, tickets, and Help Center articles alongside their other enterprise knowledge. The connector uses per-user OAuth tokens to crawl content and enforce Intercom's admin-based permissions so users only see content they can access in Intercom.
Connector field labels, redirect URLs, and required OAuth scopes are shown in the Glean Admin console for your deployment. Use those values as the source of truth; this page summarizes the overall flow and links to Intercom's developer documentation.
Supported objects
The connector is built on Intercom's REST API v2. The following table summarizes the objects Glean indexes.
| Object | Description |
|---|---|
| Conversations | Customer support conversations from the Intercom inbox. |
| Tickets | Structured support requests managed through Intercom's ticketing system. |
| Help Center articles | Knowledge base articles published through Intercom's Help Center. |
Glean also crawls the following objects for context and identity. These are not indexed as standalone searchable documents:
- Contact references are embedded in conversation and ticket API responses as lightweight references (IDs and types). These are not independently crawled but are included in the indexed conversation and ticket data.
- Teammates (admins) are Intercom teammate profiles including name, email, and team membership. Glean uses these for ownership display, assignment resolution, and identity mapping.
Supported features
The Intercom connector supports the following capabilities:
- Per-user permission enforcement. The connector uses per-user OAuth tokens to crawl content. Glean makes each item visible only to users whose tokens were able to discover that content during a crawl. Users who have not connected Intercom will not see Intercom results.
- Published article access for all users. Published Help Center articles are accessible to all Glean users, including those who have not connected their Intercom account. Draft articles are visible only to users whose tokens can access them.
- Full and incremental crawls. The connector supports full crawls for all content types. Conversations and tickets also support incremental crawls, which use the
updated_attimestamp to fetch only items modified since the last crawl. Articles are crawled in full each cycle. Full crawls also handle deletion detection by marking content that is no longer discoverable as deleted. - Two-phase crawl strategy. The connector runs a discovery phase that iterates through each authorized user's token to identify accessible conversations, articles, and ticket IDs. A subsequent fetch phase retrieves full content and metadata for each discovered item, including conversation parts, ticket parts, and article body content.
- Deep links. Each search result links back to the corresponding item in the Intercom UI so users can view the full conversation, ticket, or article in context.
- Regional API support. The connector supports Intercom's region-specific API endpoints for US, EU, and AU data residency.
- Token revocation handling. If a user's OAuth token is revoked in Intercom, the next full crawl will stop associating that user with previously discovered content. Content that is no longer discoverable by any connected user's token is removed from the index.
Content configuration
The Intercom connector does not support inclusion or exclusion rules (greenlisting or redlisting) for filtering which content is crawled. Glean indexes all conversations, tickets, and Help Center articles that are discoverable by the connected users' tokens.
Content scope is controlled entirely by which users have connected their Intercom accounts to Glean and what those users can access within Intercom. To limit the content that Glean indexes, adjust user permissions in Intercom.
Limitations
- Per-user connection required. Each user must complete Intercom authorization in Glean to see Intercom results. Users without a connected Intercom account will not see Intercom content.
- No webhook support. Intercom does not provide webhook events for the content types this connector indexes, so updates rely on scheduled crawls rather than real-time push-based updates.
- API rate limits. Intercom enforces API rate limits that may affect crawl throughput for large workspaces. See Intercom's rate limiting documentation for details.
- Regional configuration required. Intercom supports region-specific API endpoints (US, EU, or AU). You must select the correct region during setup to match your Intercom workspace location. Using the wrong region will cause crawl failures.
Credentials
The Intercom connector uses OAuth 2.0 for authentication. You must create a private OAuth app in the Intercom Developer Hub to obtain the required credentials.
Required credentials
- Client ID. The OAuth client identifier from your Intercom app's Basic information page.
- Client secret. The OAuth client secret from your Intercom app's Basic Information page.
Required OAuth scopes
Use the scope list shown in the Glean Admin console when configuring your Intercom OAuth app. The console displays the exact scopes required for your deployment.
Permission requirements
- The Intercom user creating the OAuth app must have permission to access the Developer Hub and manage app integrations.
- Each end user who connects their Intercom account to Glean must be an Intercom admin or teammate with appropriate access to the content they want to search.
Requirements
In Glean
- A Glean administrator who can add and configure data sources in the Admin console.
In Intercom
- An Intercom account with permission to create and manage apps in the Intercom Developer Hub.
- Ability to register an OAuth client and assign read permissions (scopes) for the objects Glean will index. Use the scope list shown in the Glean Admin console.
Setup instructions
Create a private OAuth app in Intercom
- Sign in to the Intercom Developer Hub. Select Developer Hub from the top navigation panel, and log in with admin credentials.
- Navigate to Settings → Integrations → Developer Hub.
- Click Your Apps in the top navigation, then click New app at the bottom left.
- In the New app field, enter a name for the application (for example,
Glean-app). This is a private app. - Add the app to an existing workspace from the Workspace dropdown, or create a new workspace in the Workspace field.
Choose the workspace this app must use by default. Only people with access to that workspace can complete OAuth authorization in Glean.
For multiple workspaces, create a separate app for each workspace. Don't reuse the same app across workspaces. Give each app a clear, descriptive name so it’s easy to tell them apart. For example, Glean support, and Glean sales.
- Once the app is created, it is displayed in the Your apps section.
Glean supports private apps. To learn about public apps visit Intercom public apps.
- Select your app, and in the left navigation panel, choose Authentication. Click Edit on the upper right to edit the app.
- Under Authentication → OAuth → Use OAuth → Add redirect URL:
- Copy and add the exact Glean OAuth Redirect URL shown in your Glean admin console.
- Under Authentication → Permissions → People and conversation data, enable the scopes in the following table:
| Scope | Purpose |
|---|---|
| Read and list users and companies | Fetch contacts and companies for indexing |
| Read conversations | Fetch conversations and conversation parts |
| Read tickets | Fetch tickets and ticket activity |
| Read content data | Fetch engagement events, and Help Center articles |
| Read tags | Fetch tags on conversations, tickets, and contacts |
- Under Authentication → Permissions → Workspace data, enable the scopes in the following table:
| Scope | Purpose |
|---|---|
| Read admins | Fetch admin/user information for identity mapping |
| Read and list articles | Fetch Help Center articles and collections |
Scopes are classified as:
- Extended Scopes (for example
Read admins,Read content data) and require Intercom approval. Extended scope requests are typically approved within 24 hours. - Standard scopes work immediately.
See Intercom OAuth scopes for details.
- Click Save to save the configuration.
- Copy the Client ID and Client secret from the app's Basic information tab in the left navigation panel.
Configure the Glean admin console
Repeat this step for each workspace. Each workspace requires its own datasource instance in Glean with the corresponding OAuth app credentials.
- In the Glean Admin console, go to Data Sources → Add data source → Intercom.
- Give a Name and Icon to the Intercom instance. For example, Glean sales.
- Provide the OAuth credentials from Create a private OAuth app:
- Client ID: Enter your Intercom OAuth client ID
- Client secret: Enter your Intercom OAuth client secret
- Select your API Region (US, EU, or AU) based on your Intercom workspace location.
- (Optional) Enter your Help Center Domain if you use a custom domain for Intercom articles (for example
help.company.com). - Click Save to complete the setup.
- Authorize Glean to access your Intercom instance, and complete the OAuth setup. Click Authorize.
Authorize users in Intercom
- On the Intercom authorization page, select the correct workspace from the list — ensure it matches the workspace you created the OAuth app for.
- Grant access to the Glean app when prompted by Intercom.
- Glean begins indexing your Intercom content automatically.
Verify you are authorizing the correct workspace. In the Intercom OAuth prompt, confirm the workspace shown matches the one you created the OAuth app for. If you are logged into multiple Intercom workspaces, Intercom may default to a different one — switch to the correct workspace before granting access.
- Users with Intercom accounts must authorize Intercom in Glean to access their Intercom data in Glean. Direct users to Glean settings → Connected apps → Intercom to complete authorization.
Intercom OAuth tokens do not expire. If a token is revoked in Intercom, the user must reconnect through this flow.