One number. Every message, handled.
People WhatsApp or text a single line. frontdesk reads each message, works out who's asking and what they need, routes it to the right backend, and relays the answer — around the clock, no human at the desk.
A thin, dependable front desk — not a black box
frontdesk stays deliberately dumb: a fast forwarder. The transport (WhatsApp today, SMS in parallel) is an implementation detail. All the intelligence lives in the per-project backends it hands off to.
WhatsApp Web socket TextNow push + poll │ │ ┌──────▼──────┐ ┌───────▼───────┐ │ wa-baileys │ │ tn-keeper │ transports │ transport │ │ transport │ (no logic) └──────┬──────┘ └───────┬───────┘ │ signed forward │ └──────────────┬───────────────┘ ┌────────▼────────┐ │ fd-router │ routes by sender · │ THE front desk │ hot-reloaded rules └──┬──────┬──────┬┘ signed ──────┘ │ └────── signed ▼ ▼ ▼ account-assistant card-intake tutor-loop Gmail/Drive/Cal cards + voice approval loop
Reads, triages, routes, replies
Route by sender
Every message is matched to its sender and forwarded to that person's configured backend. Rules live in one file that reloads on every message — no restart to change a route.
routes.json · hot reloadBusiness-card intake
Snap a photo of a card and send it. The card-intake backend reads it and files the contact — no typing, no app to open. Voice memos land there too.
images · voice memosChat over your account
Text a request and the account-assistant handles Gmail, Drive and Calendar in plain language — read, search, schedule, send — then replies in the same thread.
Gmail · Drive · CalendarTwo transports, one desk
WhatsApp (via the WhatsApp Web protocol) and SMS both feed the same router. No Meta business account, no Facebook verification — it pairs to a normal number.
WhatsApp · SMSSafe yes/no gates
A backend can ask a confirmation question and register a claim on the next reply. Only a strict yes/no diverts — free text always falls through, so no one gets trapped in a menu.
deterministic verdictsAlerts that don't go silent
A health monitor watches every service; owner alerts fall back down a chain — WhatsApp self-message, then web push, then a logged error event — so a failure never disappears.
health-monitor · web pushSecurity baked into the routing, not bolted on
Because messages can touch a real inbox and calendar, identity and authority are enforced at the router — never inferred from the message body.
Origin binding
Each transport authenticates with its own secret. Whether a request is treated as WhatsApp-origin or SMS-origin comes from which key signed it — not from anything a sender can write.
SMS can never be admin
Admin power is granted only to a verified WhatsApp-origin number. The SMS path holds no privileged signing secret at all, so it can never escalate.
Signed, replay-bounded forwards
Every hand-off to a backend is HMAC-signed with a per-origin secret and a ±120-second window. Identity travels in the verified header, checked on arrival.
Full audit trail
Inbound and outbound messages, plus a coded error stream, are appended to durable logs and surfaced on an owner dashboard — every route and every failure is accountable.
Always-on, self-hosted
A persistent socket and on-disk session mean it runs as a long-lived process — deployed to a Google Cloud VM under pm2, live day and night.
Want a front desk that never clocks out?
frontdesk is a personal build by an independent developer in Chicago. Read the source, or reach out about the idea.