Skip to main content

Fullstory Integration

Connect Fullstory to let the AI agent pull user sessions, AI-generated session summaries, and frontend error event streams (console errors, uncaught exceptions, network/XHR failures, and rage/dead/error clicks) during investigations. Fullstory can also be configured as an alert source to automatically trigger investigations when a segment threshold or metric alert fires.

Capabilities

Once connected, the AI agent can:

CapabilityDescription
List user sessionsFind a user's sessions (with replay URLs) by email or uid — the entry point for customer-impact analysis
List segmentsDiscover the saved segments in your org (named session/user filters built in the Fullstory UI, e.g. "Sessions with console errors")
Session summariesRead the AI-generated summary of a session for fast, low-token triage
Session eventsInspect the captured event stream, including console errors, uncaught exceptions, and network failures
Webhook triggersAutomatically start the alert pipeline when a Fullstory segment threshold or metric alert fires
note

"Show me every session where users hit errors" works differently than you might expect. Fullstory's Server API is user-firstlist_user_sessions takes a uid/email and returns metadata only (no errors); the errors live in each session's event stream (get_session_events). There is no synchronous "search all sessions by error" endpoint. To work at the population level:

  • Push (recommended): build a Fullstory segment like "sessions with console errors" and attach a Segment Threshold Alert to the alert-source webhook — Autoheal is notified when error sessions spike.
  • Discover: use List segments so the agent can find your error/impact segment by name.
  • Bulk pull: retrieving every session in a segment is an asynchronous Data Export job (paid tier), which this integration does not currently expose.

Prerequisites

  • A Fullstory account
  • A Server API key — an Architect- or Admin-tier key is required to read session events and summaries; a Standard (USER) key can only list sessions
  • Fullstory "Anywhere: Activation" enabled on your plan — this is what powers the Server API V2 session events and summaries endpoints. Without it, those calls return 403 even with an Admin key. (Listing sessions and testing the connection do not require it.)
  • The Fullstory snippet installed on your app, calling FS('setIdentity', …) so sessions are attributable by uid/email
  • Data Capture enabled for the domain(s) your app runs on (Fullstory Settings → Data Capture and Privacy → Data Capture). Fullstory only records sessions on domains in the capture list — if your domain isn't covered, no sessions are recorded and lookups return nothing.
note

Plan/feature requirements at a glance — the integration connects and lists sessions on any plan, but two capabilities depend on Fullstory plan features:

  • Session events & AI summaries require Anywhere: Activation.
  • The alert-source webhook uses Fullstory System Interaction Webhooks (Anywhere) and/or Segment Threshold / Metric Alerts (Advanced/Enterprise plans).

Setup

1
Create an API key
  1. Log in to Fullstory
  2. Go to SettingsIntegrationsAPI Keys
  3. Create a key with the Architect role (required to read session events)
  4. Copy the generated key
2
Add Integration in Autoheal
  1. Go to Integrations in Autoheal
  2. Click Fullstory
  3. Enter a name (e.g., "Production Fullstory")
3
Configure Credentials

Enter the following:

  • API Key: Your Fullstory Server API key (Architect tier)
4
Test and Save

Click Test Connection to verify (it reports the key's permission tier), then Save.

Permission Tiers

The API key's role determines what the agent can do. Test Connection reports the tier.

RoleCapability
USER (Standard)List sessions only — cannot read session events
ARCHITECTList sessions and read session events/summaries (required for full investigation)
ADMINFull access
note

An Architect/Admin tier is necessary but not sufficient for session events & summaries — those endpoints also require the Anywhere: Activation feature on your Fullstory plan. With an Admin key but Anywhere disabled, get_session_summary/get_session_events return 403; list_user_sessions and test_connection still work.

Webhook Setup (Alert Source)

Fullstory can automatically trigger investigations via webhooks when a segment threshold or metric alert fires. Alerts flow through the standard alert pipeline — they appear in the Alerts tab, get grouped by Alertmanager, and can trigger on-call pages and AI investigations when configured.

note

The webhook alert source relies on Fullstory plan features: System Interaction Webhooks are part of Anywhere, and Segment Threshold / Metric Alerts require an Advanced or Enterprise plan. After creating the webhook you can use Fullstory's Test Endpoint button to send a signed test delivery and confirm connectivity + signature verification (the test event is verified then skipped — only segment_threshold_alert / metric_alert create an alert).

1
Enable Webhook in Autoheal
  1. Go to your Fullstory integration settings in Integrations
  2. Click the Webhook tab
  3. Toggle Enable Webhook and copy the generated webhook URL
2
Create a System Interaction Webhook in Fullstory
  1. In Fullstory, go to SettingsIntegrationsWebhooks
  2. Create a System Interaction Webhook and paste the webhook URL from Autoheal as the destination
  3. Set a shared secret on the webhook
  4. Attach the webhook to a Segment Threshold Alert or Metric Alert (e.g., a segment matching console errors on checkout)
  5. Save the alert
3
Configure Webhook Signing Secret

Back in Autoheal, paste the same shared secret in the Webhook Signing Secret field. This is used to verify webhook signatures (HMAC-SHA256).

Example Queries

Once connected, you can ask the AI agent:

What sessions did user@customer.com have today, and where did they hit errors?
Summarize Fullstory session <session-id>
Show the console errors and network failures in this user's checkout session
Which customers were impacted by the checkout error this afternoon?

Troubleshooting

401 Unauthorized
  • Verify the API key is correct
  • Check that the key hasn't been revoked
403 Forbidden when reading session events / summaries
  • Two requirements must both be met: (1) an Architect- or Admin-tier key, and (2) the Anywhere: Activation feature enabled on your Fullstory plan
  • A 403 with an Admin key means Anywhere: Activation is not enabled — enable it in Fullstory (or contact Fullstory) to use session events/summaries
  • list_user_sessions and test_connection work without Anywhere: Activation
No Sessions Found for a User
  • Check Data Capture: Fullstory Settings → Data Capture and Privacy → Data Capture must have your app's domain enabled (the "Capture data by domain" list). If your domain falls under "All other domains: Off", Fullstory records nothing — sessions never appear even though the snippet loads
  • Verify the user is identified in Fullstory (your app called FS('setIdentity', …))
  • Try uid instead of email (or vice-versa)
  • Confirm the Fullstory snippet is deployed on the relevant property, and allow a few minutes for new sessions to be processed
Webhook Not Triggering Investigations
  • Verify the webhook URL is correctly configured on the Fullstory System Interaction Webhook
  • Check that the Webhook Signing Secret in Autoheal matches the shared secret set in Fullstory
  • Ensure the webhook is attached to a Segment Threshold Alert or Metric Alert
  • Check the webhook events log in Autoheal for signature verification errors