Quartz 4

Make.com Integration Hub

4 min read

Make.com Integration Hub

Make (formerly Integromat) is the primary automation orchestrator in the RERI/OpenClaw stack — richer than Zapier (supports scenario blueprints, data stores, responsive execution, HMAC webhook verification, and zone-aware routing) and more managed than n8n (cloud-hosted, no self-hosting burden). This hub is the cluster anchor for the Automation Platforms cluster. Read when wiring a new scenario, debugging a failed execution, or evaluating whether to add a Make scenario vs. a Zapier Zap vs. an n8n workflow. KB last verified 2026-03-04.

Quick reference

FieldValue
VendorMake.com
URLhttps://make.com
KB docAPI, WEBHOOKS
Auth methodAPI Token (Authorization: Token <token> header) for API; HMAC via IML condition for webhook verification
Auth credentialop://Aurora/make/api-key
Cred-proxy portn/a (until NemoClaw B1-B6 ratified — see nemoclaw-audit-2026-05-03)
Webhook portn/a (Make webhooks are cloud-hosted; VPS posts OUT to https://hook.us1.make.com/<id>)
Webhook handlern/a (inbound to VPS not yet wired; Make is currently outbound trigger destination)
Webhook dedup tableprocessed_webhook_events (24h TTL) — apply if Make sends inbound events to VPS
Tunnel pathn/a
Outbound API basehttps://us1.make.com/api/v2 (US zone — verify zone from dashboard URL)
Webhook base URLhttps://hook.us1.make.com/ (US) or https://hook.eu1.make.com/ (EU)
Rate limits60 req/min per API token; task/ops limits by plan
Rate-limit action429 → exponential backoff (3 retries, 1s→2s→4s), Discord ops alert
CostFree → paid tiers; monthly ops quota per plan
Backup/recoveryVendor-owned. Scenario blueprints exportable as JSON — should be version-controlled in GitHub
Discord alert channelops
Drift cadenceWeekly (security-audit-funnel.timer) / on API change
Statusproduction

Components

  • workspace/knowledge-base/make/API.md — Scenarios, Connections, Data Stores, Webhooks Management, Execution History API; last_verified 2026-03-04
  • workspace/knowledge-base/make/WEBHOOKS.md — Webhook spec (dedicated vs shared, IML directives: respond, verification, iterate, output, condition, uid), security patterns
  • workspace/knowledge-base/make/examples/ — RERI scenario examples and blueprint patterns
  • workspace/knowledge-base/make/_audit/ — Audit trail for KB drift checks
  • [[wiki/_hubs/integrations/hubspot]] — Primary Make trigger source (deal updates, contact events)
  • [[wiki/_hubs/integrations/supabase]] — Make can write directly to Supabase via HTTP module; CHOKEPOINT-1 applies if writing to tool_calls
  • [[wiki/_hubs/integrations/1password]] — Credential store for Make API token and webhook secrets

How it’s used

  • Trigger condition: HubSpot event (deal stage, contact update) → Make webhook trigger → multi-step scenario executing Supabase writes, Discord alerts, DocuSign sends, or sub-workflow calls
  • Workflow: Make scenario Blueprint → RERI-specific multi-step: (1) inbound webhook OR scheduled trigger, (2) data transform via IML, (3) action modules (HTTP, HubSpot, Supabase, Discord). VPS agents trigger Make via POST to hook.us1.make.com/<id>.
  • Agents involved: Atlas (infra orchestration), acquisitions agents (deal-source fan-out). No direct Make SDK in OpenClaw — plain HTTP POST with JSON payload.
  • Failure mode: Scenario execution error → Make retries per scenario error-handling config. Check /api/v2/scenarios/{id}/logs for run history. 429 on API → backoff. Data store full → add capacity or archive old records.
  • Success criteria: POST to webhook URL returns 2xx; execution log shows "status": "success" within scenario SLA.

Webhook security (from WEBHOOKS.md)

Make supports HMAC signature validation via IML condition directive:

{
  "condition": "{{hmac(body, 'your-secret', 'sha256') == headers.x-signature}}"
}

Use this pattern for any Make webhook that receives data from external systems. Webhook secret stored at op://Aurora/make/webhook-secret (per feedback_no_plaintext_creds).

Agents that touch this

  • _summary — orchestrates infra automation scenarios
  • _summary — deal-source fan-out via Make scenarios

Skills that invoke this

  • hubspot-deal-ingest — may route deal creation events through Make for multi-system fan-out
  • dispo-blast — post-blast result logging could route through Make scenario

Plans that govern this

Feedback rules

KB / source docs

  • API — Scenarios, Connections, Data Stores, Webhooks Management, Scheduling, Pagination
  • WEBHOOKS — Dedicated vs shared webhooks, IML directives, security patterns, testing
  • examples — RERI-specific scenario blueprints

System maps

Make is the anchor hub for the Automation Platforms cluster. Peer hubs:

  • zapier — lighter-weight; used for HubSpot-native trigger flows
  • n8n — self-hostable OSIL pipeline candidate (staging)

Decision on rationalization (which platform owns which automation type) is pending. See openclaw-fragmentation-fix-2026-05-01 and the deal-ingestion process hub for trigger-source mapping.

All Make credentials are in 1Password vault Aurora. Hub: 1password. Per G-NO-PLAINTEXT-CREDS — no plaintext tokens in any tracked file. Reference as op://Aurora/make/<field> only.

Open issues / TODOs

  • Export all active Make scenario blueprints to GitHub for version control (per feedback_plan_amendments_additive)
  • Verify current Make plan tier and ops quota remaining
  • Add HMAC webhook signature validation to any Make webhook that receives HubSpot events (currently NEEDS VERIFICATION — check live handler)
  • Decision pending: Make vs n8n as OSIL Tier 2 automation substrate (see OSIL plan B3)

Recent activity

  • 2026-05-04: Hub created (Wave 3 W3-S6). KB last_verified 2026-03-04. Cluster anchor role established.

Graph View

Backlinks