Back to Integrations

Connect HCL Verse to ToppFive

Follow these steps to connect your HCL Verse email. This gives ToppFive's AI assistant direct access to read, send, search, and manage emails in your Domino mailbox.

What You'll Need

Your Domino admin will need to set up:

  • HCL Domino 14 or later with the REST API module installed
  • A mail database schema linked to the MAIL and $DECRYPT scopes
  • An OAuth client application registered for ToppFive

REST API

Enable the Domino REST API on your mail server

OAuth Client

Register an app with MAIL + $DECRYPT scopes

IP Whitelist

Restrict access to our static egress IP

1

Install the Domino REST API

The REST API module needs to be installed and enabled on the Domino server that hosts your mail databases. If you're running HCL Domino 14 or later, it's available as an add-on.

Once installed, the REST API admin console is available at:

https://your-server:8880/admin.html

If this page loads, the REST API is running and ready for configuration.

HCL Documentation: Installing the Domino REST API

2

Create a Mail Database Schema and Scope

Domino databases are not exposed to the REST API by default. Your admin needs to create a schema for the mail database and link it to a scope so ToppFive can access email data.

  1. Open the REST API admin console at https://your-server:8880/admin.html
  2. Navigate to Database Management and select your mail database (mail.nsf)
  3. Create a schema that exposes the mail views and forms needed for email access
  4. Link the schema to two scopes: MAIL and $DECRYPT

Why both scopes?

MAIL provides access to read, send, and manage emails. $DECRYPT covers the edge case where some users have encrypted messages, so ToppFive isn't blocked if that comes up.

HCL Walkthrough: Using the Admin UI to configure schemas and scopes

3

Configure OIDC and Register an OAuth Client

ToppFive authenticates to the REST API using OAuth 2.0. Your admin needs to enable Domino as an OIDC provider (or connect an external IdP) and register an OAuth client application for ToppFive.

  1. Enable OIDC on Domino, or connect your preferred external identity provider (e.g., Azure AD, Okta)
  2. Create an OAuth client application for ToppFive
  3. Set the scopes to MAIL and $DECRYPT
  4. Note the Client ID and Client Secret — you'll enter these in ToppFive

REST API Base URL

The URL where your Domino REST API is accessible

https://your-server:8880

OAuth Client ID

The client ID from the registered OAuth application

toppfive-integration

OAuth Client Secret

The client secret generated for the OAuth application

••••••••••••••••
4

Whitelist the ToppFive Egress IP

There's no need to expose your REST API to the public internet. Just whitelist our static egress IP so only ToppFive can reach it.

Add this IP to your firewall allow list for inbound HTTPS on port 8880 (or whichever port your REST API uses):

34.42.98.159

All ToppFive outbound traffic routes through this single static IP. No other addresses need to be whitelisted.

5

Connect in ToppFive

Once steps 1–4 are complete, head to the Integrations page and click Connect on the HCL Verse card. Enter your three credentials and you're done.

  1. Go to Integrations and find the HCL Verse card under Email
  2. Click Connect
  3. Enter your REST API Base URL, OAuth Client ID, and Client Secret
  4. ToppFive validates the connection by reaching the REST API info endpoint
  5. Once verified, your AI assistant has full email access

The whole connection process takes about 30 seconds. Your credentials are stored securely and encrypted at rest.

What Your AI Assistant Can Do

Read & search emails

Fetch inbox, search by keyword, browse folders

Send & reply

Compose new emails, reply to threads, forward messages

Draft management

Create, edit, and send draft emails

Folder organization

Create labels, move messages between folders

Attachments

Download and read email attachments

Automations

Trigger workflows on new emails, auto-respond to inquiries

Troubleshooting

Connection refused / timeout

The REST API may not be running, or the port may be blocked by your firewall. Verify the REST API is accessible at your base URL and that port 8880 (or your configured port) is open for our egress IP (34.42.98.159).

OAuth authentication failed

Double-check that OIDC is properly enabled on Domino and that the Client ID and Client Secret match the registered application. Ensure the OAuth client is scoped to MAIL and $DECRYPT.

Schema or scope not found

If the REST API returns a 403 or scope error, the mail database schema may not be linked correctly. Verify in the admin console that mail.nsf has a schema linked to the MAIL scope.

Encrypted messages not accessible

If certain emails return decryption errors, ensure the $DECRYPT scope is enabled alongside MAIL in both the database schema configuration and the OAuth client scopes.

SSL certificate error

ToppFive expects a publicly trusted TLS certificate (e.g., Let's Encrypt). If you're using a self-signed certificate, you'll need to install a proper certificate or use a reverse proxy with a valid cert.

Ready to connect?

Head to the Integrations page and click Connect on the HCL Verse card.