You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Add a Typefully integration that lets the DataOps Assistant create saved Typefully draft posts from assistant-generated social copy while keeping publishing under human control.
The implementation should live in the DataOps repo only. Expected touched surfaces are the work-engine/ assistant-job API and runner flow, the assistant queue/operator UI if a new action or status is needed, and the deployed stack/runtime-secret configuration needed by the private work-engine Lambda.
Production API base URL is https://api.typefully.com and the public API uses bearer-token authentication.
The current authenticated user can be checked with GET /v2/me; accessible social accounts are returned by GET /v2/social-sets.
Draft creation is POST /v2/social-sets/{social_set_id}/drafts and requires platforms in the request body.
Draft content is platform-scoped, for example platforms.x.posts[].text or platforms.linkedin.posts[].text; enabled platforms require enabled: true and posts.
draft_title, scratchpad_text, existing tag slugs, and share are optional draft metadata. share creates a public share URL when true, so default DataOps behavior should keep it false unless explicitly configured.
publish_at controls publishing or scheduling: now, next-free-slot, or an ISO 8601 datetime. To create a saved draft only, DataOps must omit publish_at.
The create response includes the Typefully draft id, status, private_url, optional share_url, platform content, and scheduled/published fields.
Product behavior:
A DataOps operator can request a Typefully draft from an assistant job tied to a task or workflow bundle.
The assistant/job output remains reviewable in DataOps before the external Typefully write happens.
The Typefully write creates a saved draft only. It must not publish immediately, schedule, queue to the next free slot, or expose any direct-publish control.
After a successful Typefully draft creation, DataOps stores an artifact or equivalent proof record linked to the originating assistant job and task/bundle. The record should include safe identifiers and URLs such as Typefully draft id, social set id, status, private_url, platform names, and preview/title, but never the API token or raw auth headers.
Typefully API failures should leave the assistant job in a recoverable failed/retry state with a redacted, operator-readable error summary.
Local/test mode must be able to exercise the flow with a fake Typefully client or mock HTTP layer and no real Typefully token.
Auth and secrets:
Typefully API credentials must come from managed config only: AWS Secrets Manager/SAM parameters for deployed runtime and documented local development environment variables for local runs.
Do not hardcode tokens, social-set ids, or account-specific credentials in source, tests, issue comments, logs, artifacts, or assistant metadata.
If the deployed stack needs a Typefully token secret name or work-engine permission to read it, add it to the SAM/CloudFormation template instead of relying on unmanaged production setup.
Treat real Typefully account selection, real token provisioning, and real external draft creation as [HUMAN] checks.
Acceptance Criteria
The assistant-job flow exposes an authenticated API path for creating a Typefully draft from approved/reviewed assistant output associated with a task or bundle.
The Typefully request builder sends POST /v2/social-sets/{social_set_id}/drafts with bearer auth, valid platforms content, and no publish_at field for the default saved-draft path.
The implementation rejects or ignores any attempt from DataOps UI/API input to use publish_at: "now", publish_at: "next-free-slot", or a scheduled datetime in this issue's flow.
Successful draft creation stores a linked DataOps artifact/proof with the Typefully draft id, social set id, status, private URL, platform list, title/preview, originating assistant job id, and task/bundle context.
No Typefully API token, bearer header, secret name value, signed URL, or raw credential can appear in assistant job metadata, events, artifacts, UI output, test snapshots, or logs.
Missing credentials, missing social set configuration, Typefully 401/403/422/429 responses, and network failures produce redacted failed/retryable assistant-job states with useful operator messages.
Local dry-run/mock verification covers successful draft creation without a real Typefully account or external write.
The operator UI, if changed, shows the Typefully draft proof/link and keeps review/approval semantics clear before any external write action.
Infrastructure/config changes document the required local env vars and deployed secret/SAM parameter names, and grant only the minimum runtime secret-read permission needed.
[HUMAN] A DataOps operator provisions or confirms the real Typefully API token and target social set outside the repo.
[HUMAN] A DataOps operator runs one real Typefully saved-draft creation and verifies in Typefully that the result is a draft, not scheduled and not published.
Test Scenarios
Scenario: Saved draft request
Given: an approved assistant output with social copy for X or LinkedIn and a configured fake Typefully social set
When: the operator/API triggers Typefully draft creation
Then: DataOps sends a create-draft request without publish_at, receives a fake Typefully draft response, and records a linked proof artifact with the private Typefully URL.
Scenario: Publishing controls are blocked
Given: a Typefully draft request payload attempts to include publish_at as now, next-free-slot, or a future datetime
When: the API validates the request
Then: the request is rejected before any Typefully client call, and no assistant job event or artifact contains a publish/schedule claim.
Scenario: Credential or API failure
Given: Typefully credentials are missing or the fake client returns 401, 403, 422, 429, or a network error
When: the assistant job attempts Typefully draft creation
Then: the job is marked failed or retryable according to the existing assistant-job lifecycle, the error is redacted, and no secret-like value is persisted.
Scenario: Operator review visibility
Given: a Typefully draft proof artifact has been created for a task or bundle
When: the operator opens the assistant queue, assistant job detail, and linked workflow/task view
Then: the operator can see the Typefully draft status/link and the originating context without seeing credentials.
Scenario: Real Typefully verification
Given: a human has provisioned a real Typefully API token and selected a real social set
When: a DataOps operator creates one test draft through the integration
Then: [HUMAN] the operator confirms in Typefully that it exists as a saved draft only and records the result on the issue.
Out of Scope
Publishing, scheduling, queueing to next-free-slot, or changing Typefully queue schedules.
Typefully webhook ingestion, analytics import, comments, media upload, tag management UI, or account-management UI.
Creating or modifying source repos outside dataops, including ../dtc-operations, ../datatasks, or ../podcast-assistant.
Automating real Typefully account/token provisioning.
Closing the issue solely from automated tests if [HUMAN] verification remains outstanding.
Dependencies
The target Typefully account must provide an API token with enough access to create drafts and a known target social_set_id for the desired account/team.
If the real token is only available in production, the Software Engineer and Tester should use mocked/local verification and leave the issue open with the human label after agent-verifiable checks pass.
Required verification should include focused work-engine assistant-job tests, TypeScript typecheck, build if Lambda packaging or env handling changes, focused Playwright coverage for any changed assistant UI, and SAM/CloudFormation validation for infrastructure changes.
Create Typefully drafts from DataOps Assistant jobs
Status: pending
Tags:
enhancement,assistant,backend,frontend,infra,P1Depends on: None
Blocks: None
Scope
Add a Typefully integration that lets the DataOps Assistant create saved Typefully draft posts from assistant-generated social copy while keeping publishing under human control.
The implementation should live in the DataOps repo only. Expected touched surfaces are the
work-engine/assistant-job API and runner flow, the assistant queue/operator UI if a new action or status is needed, and the deployed stack/runtime-secret configuration needed by the private work-engine Lambda.Official Typefully API facts to design against, from https://typefully.com/docs/api:
https://api.typefully.comand the public API uses bearer-token authentication.GET /v2/me; accessible social accounts are returned byGET /v2/social-sets.POST /v2/social-sets/{social_set_id}/draftsand requiresplatformsin the request body.platforms.x.posts[].textorplatforms.linkedin.posts[].text; enabled platforms requireenabled: trueandposts.draft_title,scratchpad_text, existing tag slugs, andshareare optional draft metadata.sharecreates a public share URL when true, so default DataOps behavior should keep it false unless explicitly configured.publish_atcontrols publishing or scheduling:now,next-free-slot, or an ISO 8601 datetime. To create a saved draft only, DataOps must omitpublish_at.status,private_url, optionalshare_url, platform content, and scheduled/published fields.Product behavior:
status,private_url, platform names, and preview/title, but never the API token or raw auth headers.Auth and secrets:
[HUMAN]checks.Acceptance Criteria
POST /v2/social-sets/{social_set_id}/draftswith bearer auth, validplatformscontent, and nopublish_atfield for the default saved-draft path.publish_at: "now",publish_at: "next-free-slot", or a scheduled datetime in this issue's flow.Test Scenarios
Scenario: Saved draft request
Given: an approved assistant output with social copy for X or LinkedIn and a configured fake Typefully social set
When: the operator/API triggers Typefully draft creation
Then: DataOps sends a create-draft request without
publish_at, receives a fake Typefully draft response, and records a linked proof artifact with the private Typefully URL.Scenario: Publishing controls are blocked
Given: a Typefully draft request payload attempts to include
publish_atasnow,next-free-slot, or a future datetimeWhen: the API validates the request
Then: the request is rejected before any Typefully client call, and no assistant job event or artifact contains a publish/schedule claim.
Scenario: Credential or API failure
Given: Typefully credentials are missing or the fake client returns 401, 403, 422, 429, or a network error
When: the assistant job attempts Typefully draft creation
Then: the job is marked failed or retryable according to the existing assistant-job lifecycle, the error is redacted, and no secret-like value is persisted.
Scenario: Operator review visibility
Given: a Typefully draft proof artifact has been created for a task or bundle
When: the operator opens the assistant queue, assistant job detail, and linked workflow/task view
Then: the operator can see the Typefully draft status/link and the originating context without seeing credentials.
Scenario: Real Typefully verification
Given: a human has provisioned a real Typefully API token and selected a real social set
When: a DataOps operator creates one test draft through the integration
Then: [HUMAN] the operator confirms in Typefully that it exists as a saved draft only and records the result on the issue.
Out of Scope
next-free-slot, or changing Typefully queue schedules.dataops, including../dtc-operations,../datatasks, or../podcast-assistant.[HUMAN]verification remains outstanding.Dependencies
social_set_idfor the desired account/team.humanlabel after agent-verifiable checks pass.