Skip to content

Core concepts

Customer account

Each Zorio customer gets an isolated system with:

  • A dedicated access domain (e.g. app.zorio.vn or a custom domain configured by the customer).
  • A dedicated API token for each system.

Domain & Base URL

TypeFormatExample
Admin consolecustomer's domainapp.zorio.vn
API endpoint<domain>/api/...app.zorio.vn/api/pbx/extensions
SIP/WebRTC<domain>:5061 (TLS)app.zorio.vn:5061
Webhook delivered by Zorioyour receiver URL(you configure it)

Roles & Permission tiers

Users in an account have a role:

  • admin: full power within the account.
  • supervisor: manages teams / campaigns.
  • agent: makes/answers calls and updates leads.
  • read_only: read-only.

Permission tiers apply to modules (e.g. crm, pbx, autocall):

  • viewer: read-only.
  • operator: basic CRUD operations.
  • admin: full module rights.

Note

The pbx_api_access permission is a prerequisite for calling the PBX API. Same for telesales_api_access, autocall_api_access.

Data isolation

Every resource is enforced per account at the backend layer. A token used against the wrong customer → HTTP 404 (to avoid leaking existence).

Cấp phép theo điều khoản sử dụng của Zorio.