From ca5e112a8c4273cdb0ead51c7caa0da50f7447b8 Mon Sep 17 00:00:00 2001
From: Mazen Khalil <mazen_k@outlook.com>
Date: Wed, 17 Dec 2025 18:54:50 +0300
Subject: [PATCH] feat: TikTok channel (#12741)

fixes: #11834

This pull request introduces TikTok channel integration, enabling users
to connect and manage TikTok business accounts similarly to other
supported social channels. The changes span backend API endpoints,
authentication helpers, webhook handling, configuration, and frontend
components to support TikTok as a first-class channel.


**Key Notes**
* This integration is only compatible with TikTok Business Accounts
* Special permissions are required to access the TikTok [Business
Messaging
API](https://business-api.tiktok.com/portal/docs?id=1832183871604753).
* The Business Messaging API is region-restricted and is currently
unavailable to users in the EU.
* Only TEXT, IMAGE, and POST_SHARE messages are currently supported due
to limitations in the TikTok Business Messaging API
* A message will be successfully sent only if it contains text alone or
one image attachment. Messages with multiple attachments or those
combining text and attachments will fail and receive a descriptive error
status.
* Messages sent directly from the TikTok App will be synced into the
system
* Initiating a new conversation from the system is not permitted due to
limitations from the TikTok Business Messaging API.


**Backend: TikTok Channel Integration**

* Added `Api::V1::Accounts::Tiktok::AuthorizationsController` to handle
TikTok OAuth authorization initiation, returning the TikTok
authorization URL.
* Implemented `Tiktok::CallbacksController` to handle TikTok OAuth
callback, process authorization results, create or update channel/inbox,
and handle errors or denied scopes.
* Added `Webhooks::TiktokController` to receive and verify TikTok
webhook events, including signature verification and event dispatching.
* Created `Tiktok::IntegrationHelper` module for JWT-based token
generation and verification for secure TikTok OAuth state management.

**Configuration and Feature Flags**

* Added TikTok app credentials (`TIKTOK_APP_ID`, `TIKTOK_APP_SECRET`) to
allowed configs and app config, and registered TikTok as a feature in
the super admin features YAML.
[[1]](diffhunk://#diff-5e46e1d248631a1147521477d84a54f8ba6846ea21c61eca5f70042d960467f4R43)
[[2]](diffhunk://#diff-8bf37a019cab1dedea458c437bd93e34af1d6e22b1672b1d43ef6eaa4dcb7732R69)
[[3]](diffhunk://#diff-123164bea29f3c096b0d018702b090d5ae670760c729141bd4169a36f5f5c1caR74-R79)

**Frontend: TikTok Channel UI and Messaging Support**

* Added `TiktokChannel` API client for frontend TikTok authorization
requests.
* Updated channel icon mappings and tests to include TikTok
(`Channel::Tiktok`).
[[1]](diffhunk://#diff-b852739ed45def61218d581d0de1ba73f213f55570aa5eec52aaa08f380d0e16R16)
[[2]](diffhunk://#diff-3cd3ae32e94ef85f1f2c4435abf0775cc0614fb37ee25d97945cd51573ef199eR64-R69)
* Enabled TikTok as a supported channel in contact forms, channel
widgets, and feature toggles.
[[1]](diffhunk://#diff-ec59c85e1403aaed1a7de35971fe16b7033d5cd763be590903ebf8f1ca25a010R47)
[[2]](diffhunk://#diff-ec59c85e1403aaed1a7de35971fe16b7033d5cd763be590903ebf8f1ca25a010R69)
[[3]](diffhunk://#diff-725b90ca7e3a6837ec8291e9f57094f6a46b3ee00e598d16564f77f32cf354b0R26-R29)
[[4]](diffhunk://#diff-725b90ca7e3a6837ec8291e9f57094f6a46b3ee00e598d16564f77f32cf354b0R51-R54)
[[5]](diffhunk://#diff-725b90ca7e3a6837ec8291e9f57094f6a46b3ee00e598d16564f77f32cf354b0R68)
* Updated message meta logic to support TikTok-specific message statuses
(sent, delivered, read).
[[1]](diffhunk://#diff-e41239cf8dda36c1bd1066dbb17588ae8868e56289072c74b3a6d7ef5abdd696R23)
[[2]](diffhunk://#diff-e41239cf8dda36c1bd1066dbb17588ae8868e56289072c74b3a6d7ef5abdd696L63-R65)
[[3]](diffhunk://#diff-e41239cf8dda36c1bd1066dbb17588ae8868e56289072c74b3a6d7ef5abdd696L81-R84)
[[4]](diffhunk://#diff-e41239cf8dda36c1bd1066dbb17588ae8868e56289072c74b3a6d7ef5abdd696L103-R107)
* Added support for embedded message attachments (e.g., TikTok embeds)
with a new `EmbedBubble` component and updated message rendering logic.
[[1]](diffhunk://#diff-c3d701caf27d9c31e200c6143c11a11b9d8826f78aa2ce5aa107470e6fdb9d7fR31)
[[2]](diffhunk://#diff-047859f9368a46d6d20177df7d6d623768488ecc38a5b1e284f958fad49add68R1-R19)
[[3]](diffhunk://#diff-c3d701caf27d9c31e200c6143c11a11b9d8826f78aa2ce5aa107470e6fdb9d7fR316)
[[4]](diffhunk://#diff-cbc85e7c4c8d56f2a847d0b01cd48ef36e5f87b43023bff0520fdfc707283085R52)
* Adjusted reply policy and UI messaging for TikTok's 48-hour reply
window.
[[1]](diffhunk://#diff-0d691f6a983bd89502f91253ecf22e871314545d1e3d3b106fbfc76bf6d8e1c7R208-R210)
[[2]](diffhunk://#diff-0d691f6a983bd89502f91253ecf22e871314545d1e3d3b106fbfc76bf6d8e1c7R224-R226)

These changes collectively enable end-to-end TikTok channel support,
from configuration and OAuth flow to webhook processing and frontend
message handling.


------------

# TikTok App Setup & Configuration
1. Grant access to the Business Messaging API
([Documentation](https://business-api.tiktok.com/portal/docs?id=1832184145137922))
2. Set the app authorization redirect URL to
`https://FRONTEND_URL/tiktok/callback`
3. Update the installation config with TikTok App ID and Secret
4. Create a Business Messaging Webhook configuration and set the
callback url to `https://FRONTEND_URL/webhooks/tiktok`
([Documentation](https://business-api.tiktok.com/portal/docs?id=1832190670631937))
. You can do this by calling
`Tiktok::AuthClient.update_webhook_callback` from rails console once you
finish Tiktok channel configuration in super admin ( will be automated
in future )
5. Enable TikTok channel feature in an account

---------

Co-authored-by: Sojan Jose <sojan@pepalo.com>
Co-authored-by: iamsivin <iamsivin@gmail.com>
---
 .../tiktok/authorizations_controller.rb       |  15 ++
 app/controllers/dashboard_controller.rb       |   1 +
 .../super_admin/app_configs_controller.rb     |   1 +
 .../tiktok/callbacks_controller.rb            | 144 +++++++++++++++
 app/controllers/webhooks/tiktok_controller.rb |  53 ++++++
 app/helpers/super_admin/features.yml          |   6 +
 app/helpers/tiktok/integration_helper.rb      |  47 +++++
 .../dashboard/api/channel/tiktokClient.js     |  14 ++
 .../dashboard/api/specs/tiktokClient.spec.js  |  35 ++++
 .../Contacts/ContactsForm/ContactsForm.vue    |   2 +
 .../components-next/icon/provider.js          |   1 +
 .../icon/specs/provider.spec.js               |   6 +
 .../components-next/message/Message.vue       |   2 +
 .../components-next/message/MessageMeta.vue   |  10 +-
 .../components-next/message/bubbles/Embed.vue |  30 +++
 .../components-next/message/constants.js      |   1 +
 .../components/widgets/ChannelItem.vue        |   9 +
 .../widgets/conversation/MessagesView.vue     |   6 +
 .../widgets/conversation/ReplyBox.vue         |   3 +
 .../composables/spec/useInbox.spec.js         |   8 +
 .../dashboard/composables/useInbox.js         |   7 +
 app/javascript/dashboard/constants/editor.js  |   5 +
 app/javascript/dashboard/featureFlags.js      |   1 +
 app/javascript/dashboard/helper/inbox.js      |   6 +
 .../dashboard/helper/specs/inbox.spec.js      |  13 ++
 .../dashboard/i18n/locale/en/chatlist.json    |   3 +
 .../dashboard/i18n/locale/en/contact.json     |   3 +
 .../i18n/locale/en/conversation.json          |   3 +-
 .../dashboard/i18n/locale/en/inboxMgmt.json   |  12 ++
 .../conversation/contact/ContactForm.vue      |   1 +
 .../conversation/contact/SocialIcons.vue      |   1 +
 .../settings/inbox/ChannelFactory.vue         |   2 +
 .../dashboard/settings/inbox/ChannelList.vue  |  30 ++-
 .../dashboard/settings/inbox/Settings.vue     |   6 +
 .../settings/inbox/channels/Instagram.vue     | 126 +++++--------
 .../settings/inbox/channels/Tiktok.vue        |  79 ++++++++
 .../inbox/channels/tiktok/Reauthorize.vue     |  37 ++++
 .../settings/inbox/components/ChannelName.vue |   1 +
 .../dashboard/store/modules/inboxes.js        |   7 +
 .../store/modules/specs/inboxes/fixtures.js   |   8 +
 .../modules/specs/inboxes/getters.spec.js     |  14 +-
 .../FluentIcon/dashboard-icons.json           |   1 +
 app/javascript/shared/constants/links.js      |   1 +
 .../shared/helpers/MessageTypeHelper.js       |   2 +
 app/javascript/shared/mixins/inboxMixin.js    |   7 +
 app/jobs/send_reply_job.rb                    |   1 +
 app/jobs/webhooks/tiktok_events_job.rb        |  69 +++++++
 .../channel_notifications_mailer.rb           |   5 +
 app/models/account.rb                         |   1 +
 app/models/attachment.rb                      |  10 +-
 app/models/channel/tiktok.rb                  |  45 +++++
 app/models/concerns/reauthorizable.rb         |   1 +
 app/models/inbox.rb                           |   4 +
 .../conversations/message_window_service.rb   |   6 +
 app/services/tiktok/auth_client.rb            | 145 +++++++++++++++
 app/services/tiktok/client.rb                 | 100 ++++++++++
 app/services/tiktok/message_service.rb        | 174 ++++++++++++++++++
 app/services/tiktok/messaging_helpers.rb      |  68 +++++++
 app/services/tiktok/read_status_service.rb    |  36 ++++
 app/services/tiktok/send_on_tiktok_service.rb |  47 +++++
 app/services/tiktok/token_service.rb          |  77 ++++++++
 app/views/api/v1/models/_inbox.json.jbuilder  |   3 +
 app/views/layouts/vueapp.html.erb             |   1 +
 .../super_admin/application/_icons.html.erb   |   4 +
 config/features.yml                           |   3 +
 config/installation_config.yml                |  10 +
 config/routes.rb                              |   9 +
 .../20251027091242_add_tiktok_channel.rb      |  15 ++
 db/schema.rb                                  |  12 ++
 lib/redis/redis_keys.rb                       |   2 +
 .../images/dashboard/channels/tiktok.png      | Bin 0 -> 24164 bytes
 .../integrations/channels/badges/tiktok.png   | Bin 0 -> 3365 bytes
 .../tiktok/authorizations_controller_spec.rb  |  55 ++++++
 .../tiktok/callbacks_controller_spec.rb       | 139 ++++++++++++++
 .../webhooks/tiktok_controller_spec.rb        |  64 +++++++
 spec/factories/channel/channel_tiktok.rb      |  16 ++
 spec/jobs/send_reply_job_spec.rb              |   9 +
 spec/jobs/webhooks/tiktok_events_job_spec.rb  |  91 +++++++++
 spec/models/attachment_spec.rb                |   8 +
 spec/services/tiktok/message_service_spec.rb  | 117 ++++++++++++
 .../tiktok/read_status_service_spec.rb        |  35 ++++
 .../tiktok/send_on_tiktok_service_spec.rb     |  71 +++++++
 spec/services/tiktok/token_service_spec.rb    |  57 ++++++
 theme/icons.js                                |   5 +
 84 files changed, 2189 insertions(+), 96 deletions(-)
 create mode 100644 app/controllers/api/v1/accounts/tiktok/authorizations_controller.rb
 create mode 100644 app/controllers/tiktok/callbacks_controller.rb
 create mode 100644 app/controllers/webhooks/tiktok_controller.rb
 create mode 100644 app/helpers/tiktok/integration_helper.rb
 create mode 100644 app/javascript/dashboard/api/channel/tiktokClient.js
 create mode 100644 app/javascript/dashboard/api/specs/tiktokClient.spec.js
 create mode 100644 app/javascript/dashboard/components-next/message/bubbles/Embed.vue
 create mode 100644 app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Tiktok.vue
 create mode 100644 app/javascript/dashboard/routes/dashboard/settings/inbox/channels/tiktok/Reauthorize.vue
 create mode 100644 app/jobs/webhooks/tiktok_events_job.rb
 create mode 100644 app/models/channel/tiktok.rb
 create mode 100644 app/services/tiktok/auth_client.rb
 create mode 100644 app/services/tiktok/client.rb
 create mode 100644 app/services/tiktok/message_service.rb
 create mode 100644 app/services/tiktok/messaging_helpers.rb
 create mode 100644 app/services/tiktok/read_status_service.rb
 create mode 100644 app/services/tiktok/send_on_tiktok_service.rb
 create mode 100644 app/services/tiktok/token_service.rb
 create mode 100644 db/migrate/20251027091242_add_tiktok_channel.rb
 create mode 100644 public/assets/images/dashboard/channels/tiktok.png
 create mode 100644 public/integrations/channels/badges/tiktok.png
 create mode 100644 spec/controllers/api/v1/accounts/tiktok/authorizations_controller_spec.rb
 create mode 100644 spec/controllers/tiktok/callbacks_controller_spec.rb
 create mode 100644 spec/controllers/webhooks/tiktok_controller_spec.rb
 create mode 100644 spec/factories/channel/channel_tiktok.rb
 create mode 100644 spec/jobs/webhooks/tiktok_events_job_spec.rb
 create mode 100644 spec/services/tiktok/message_service_spec.rb
 create mode 100644 spec/services/tiktok/read_status_service_spec.rb
 create mode 100644 spec/services/tiktok/send_on_tiktok_service_spec.rb
 create mode 100644 spec/services/tiktok/token_service_spec.rb

diff --git a/app/controllers/api/v1/accounts/tiktok/authorizations_controller.rb b/app/controllers/api/v1/accounts/tiktok/authorizations_controller.rb
new file mode 100644
index 000000000..7c7320393
--- /dev/null
+++ b/app/controllers/api/v1/accounts/tiktok/authorizations_controller.rb
@@ -0,0 +1,15 @@
+class Api::V1::Accounts::Tiktok::AuthorizationsController < Api::V1::Accounts::OauthAuthorizationController
+  include Tiktok::IntegrationHelper
+
+  def create
+    redirect_url = Tiktok::AuthClient.authorize_url(
+      state: generate_tiktok_token(Current.account.id)
+    )
+
+    if redirect_url
+      render json: { success: true, url: redirect_url }
+    else
+      render json: { success: false }, status: :unprocessable_entity
+    end
+  end
+end
diff --git a/app/controllers/dashboard_controller.rb b/app/controllers/dashboard_controller.rb
index 5003c4c70..abf42517c 100644
--- a/app/controllers/dashboard_controller.rb
+++ b/app/controllers/dashboard_controller.rb
@@ -73,6 +73,7 @@ class DashboardController < ActionController::Base
       ENABLE_ACCOUNT_SIGNUP: GlobalConfigService.load('ENABLE_ACCOUNT_SIGNUP', 'false'),
       FB_APP_ID: GlobalConfigService.load('FB_APP_ID', ''),
       INSTAGRAM_APP_ID: GlobalConfigService.load('INSTAGRAM_APP_ID', ''),
+      TIKTOK_APP_ID: GlobalConfigService.load('TIKTOK_APP_ID', ''),
       FACEBOOK_API_VERSION: GlobalConfigService.load('FACEBOOK_API_VERSION', 'v18.0'),
       WHATSAPP_APP_ID: GlobalConfigService.load('WHATSAPP_APP_ID', ''),
       WHATSAPP_CONFIGURATION_ID: GlobalConfigService.load('WHATSAPP_CONFIGURATION_ID', ''),
diff --git a/app/controllers/super_admin/app_configs_controller.rb b/app/controllers/super_admin/app_configs_controller.rb
index 1a9539bb6..ec51305b5 100644
--- a/app/controllers/super_admin/app_configs_controller.rb
+++ b/app/controllers/super_admin/app_configs_controller.rb
@@ -46,6 +46,7 @@ class SuperAdmin::AppConfigsController < SuperAdmin::ApplicationController
       'linear' => %w[LINEAR_CLIENT_ID LINEAR_CLIENT_SECRET],
       'slack' => %w[SLACK_CLIENT_ID SLACK_CLIENT_SECRET],
       'instagram' => %w[INSTAGRAM_APP_ID INSTAGRAM_APP_SECRET INSTAGRAM_VERIFY_TOKEN INSTAGRAM_API_VERSION ENABLE_INSTAGRAM_CHANNEL_HUMAN_AGENT],
+      'tiktok' => %w[TIKTOK_APP_ID TIKTOK_APP_SECRET],
       'whatsapp_embedded' => %w[WHATSAPP_APP_ID WHATSAPP_APP_SECRET WHATSAPP_CONFIGURATION_ID WHATSAPP_API_VERSION],
       'notion' => %w[NOTION_CLIENT_ID NOTION_CLIENT_SECRET],
       'google' => %w[GOOGLE_OAUTH_CLIENT_ID GOOGLE_OAUTH_CLIENT_SECRET GOOGLE_OAUTH_REDIRECT_URI ENABLE_GOOGLE_OAUTH_LOGIN]
diff --git a/app/controllers/tiktok/callbacks_controller.rb b/app/controllers/tiktok/callbacks_controller.rb
new file mode 100644
index 000000000..e484905c3
--- /dev/null
+++ b/app/controllers/tiktok/callbacks_controller.rb
@@ -0,0 +1,144 @@
+class Tiktok::CallbacksController < ApplicationController
+  include Tiktok::IntegrationHelper
+
+  def show
+    return handle_authorization_error if params[:error].present?
+    return handle_ungranted_scopes_error unless all_scopes_granted?
+
+    process_successful_authorization
+  rescue StandardError => e
+    handle_error(e)
+  end
+
+  private
+
+  def all_scopes_granted?
+    granted_scopes = short_term_access_token[:scope].to_s.split(',')
+    (Tiktok::AuthClient::REQUIRED_SCOPES - granted_scopes).blank?
+  end
+
+  def process_successful_authorization
+    inbox, already_exists = find_or_create_inbox
+
+    if already_exists
+      redirect_to app_tiktok_inbox_settings_url(account_id: account_id, inbox_id: inbox.id)
+    else
+      redirect_to app_tiktok_inbox_agents_url(account_id: account_id, inbox_id: inbox.id)
+    end
+  end
+
+  def handle_error(error)
+    Rails.logger.error("TikTok Channel creation Error: #{error.message}")
+    ChatwootExceptionTracker.new(error).capture_exception
+
+    redirect_to_error_page(error_type: error.class.name, code: 500, error_message: error.message)
+  end
+
+  # Handles the case when a user denies permissions or cancels the authorization flow
+  def handle_authorization_error
+    redirect_to_error_page(
+      error_type: params[:error] || 'access_denied',
+      code: params[:error_code],
+      error_message: params[:error_description] || 'User cancelled the Authorization'
+    )
+  end
+
+  # Handles the case when a user partially accepted the required scopes
+  def handle_ungranted_scopes_error
+    redirect_to_error_page(
+      error_type: 'ungranted_scopes',
+      code: 400,
+      error_message: 'User did not grant all the required scopes'
+    )
+  end
+
+  # Centralized method to redirect to error page with appropriate parameters
+  # This ensures consistent error handling across different error scenarios
+  # Frontend will handle the error page based on the error_type
+  def redirect_to_error_page(error_type:, code:, error_message:)
+    redirect_to app_new_tiktok_inbox_url(
+      account_id: account_id,
+      error_type: error_type,
+      code: code,
+      error_message: error_message
+    )
+  end
+
+  def find_or_create_inbox
+    business_details = tiktok_client.business_account_details
+    channel_tiktok = find_channel
+    channel_exists = channel_tiktok.present?
+
+    if channel_tiktok
+      update_channel(channel_tiktok, business_details)
+    else
+      channel_tiktok = create_channel_with_inbox(business_details)
+    end
+
+    # reauthorized will also update cache keys for the associated inbox
+    channel_tiktok.reauthorized!
+
+    set_avatar(channel_tiktok.inbox, business_details[:profile_image]) if business_details[:profile_image].present?
+
+    [channel_tiktok.inbox, channel_exists]
+  end
+
+  def create_channel_with_inbox(business_details)
+    ActiveRecord::Base.transaction do
+      channel_tiktok = Channel::Tiktok.create!(
+        account: account,
+        business_id: short_term_access_token[:business_id],
+        access_token: short_term_access_token[:access_token],
+        refresh_token: short_term_access_token[:refresh_token],
+        expires_at: short_term_access_token[:expires_at],
+        refresh_token_expires_at: short_term_access_token[:refresh_token_expires_at]
+      )
+
+      account.inboxes.create!(
+        account: account,
+        channel: channel_tiktok,
+        name: business_details[:display_name].presence || business_details[:username]
+      )
+
+      channel_tiktok
+    end
+  end
+
+  def find_channel
+    Channel::Tiktok.find_by(business_id: short_term_access_token[:business_id], account: account)
+  end
+
+  def update_channel(channel_tiktok, business_details)
+    channel_tiktok.update!(
+      access_token: short_term_access_token[:access_token],
+      refresh_token: short_term_access_token[:refresh_token],
+      expires_at: short_term_access_token[:expires_at],
+      refresh_token_expires_at: short_term_access_token[:refresh_token_expires_at]
+    )
+
+    channel_tiktok.inbox.update!(name: business_details[:display_name].presence || business_details[:username])
+  end
+
+  def set_avatar(inbox, avatar_url)
+    Avatar::AvatarFromUrlJob.perform_later(inbox, avatar_url)
+  end
+
+  def account_id
+    @account_id ||= verify_tiktok_token(params[:state])
+  end
+
+  def account
+    @account ||= Account.find(account_id)
+  end
+
+  def short_term_access_token
+    @short_term_access_token ||= Tiktok::AuthClient.obtain_short_term_access_token(params[:code])
+  end
+
+  def tiktok_client
+    @tiktok_client ||= Tiktok::Client.new(
+      business_id: short_term_access_token[:business_id],
+      access_token: short_term_access_token[:access_token]
+    )
+  end
+end
diff --git a/app/controllers/webhooks/tiktok_controller.rb b/app/controllers/webhooks/tiktok_controller.rb
new file mode 100644
index 000000000..efaa1830c
--- /dev/null
+++ b/app/controllers/webhooks/tiktok_controller.rb
@@ -0,0 +1,53 @@
+class Webhooks::TiktokController < ActionController::API
+  before_action :verify_signature!
+
+  def events
+    event = JSON.parse(request_payload)
+    if echo_event?
+      # Add delay to prevent race condition where echo arrives before send message API completes
+      # This avoids duplicate messages when echo comes early during API processing
+      ::Webhooks::TiktokEventsJob.set(wait: 2.seconds).perform_later(event)
+    else
+      ::Webhooks::TiktokEventsJob.perform_later(event)
+    end
+
+    head :ok
+  end
+
+  private
+
+  def request_payload
+    @request_payload ||= request.body.read
+  end
+
+  def verify_signature!
+    signature_header = request.headers['Tiktok-Signature']
+    client_secret = GlobalConfigService.load('TIKTOK_APP_SECRET', nil)
+    received_timestamp, received_signature = extract_signature_parts(signature_header)
+
+    return head :unauthorized unless client_secret && received_timestamp && received_signature
+
+    signature_payload = "#{received_timestamp}.#{request_payload}"
+    computed_signature = OpenSSL::HMAC.hexdigest('SHA256', client_secret, signature_payload)
+
+    return head :unauthorized unless ActiveSupport::SecurityUtils.secure_compare(computed_signature, received_signature)
+
+    # Check timestamp delay (acceptable delay: 5 seconds)
+    current_timestamp = Time.current.to_i
+    delay = current_timestamp - received_timestamp
+
+    return head :unauthorized if delay > 5
+  end
+
+  def extract_signature_parts(signature_header)
+    return [nil, nil] if signature_header.blank?
+
+    keys = signature_header.split(',')
+    signature_parts = keys.map { |part| part.split('=') }.to_h
+    [signature_parts['t']&.to_i, signature_parts['s']]
+  end
+
+  def echo_event?
+    params[:event] == 'im_send_msg'
+  end
+end
diff --git a/app/helpers/super_admin/features.yml b/app/helpers/super_admin/features.yml
index b05c603cd..34c7a8138 100644
--- a/app/helpers/super_admin/features.yml
+++ b/app/helpers/super_admin/features.yml
@@ -78,6 +78,12 @@ instagram:
   enabled: true
   icon: 'icon-instagram'
   config_key: 'instagram'
+tiktok:
+  name: 'TikTok'
+  description: 'Stay connected with your customers on TikTok'
+  enabled: true
+  icon: 'icon-tiktok'
+  config_key: 'tiktok'
 whatsapp:
   name: 'WhatsApp'
   description: 'Manage your WhatsApp business interactions from Chatwoot.'
diff --git a/app/helpers/tiktok/integration_helper.rb b/app/helpers/tiktok/integration_helper.rb
new file mode 100644
index 000000000..b2de4a092
--- /dev/null
+++ b/app/helpers/tiktok/integration_helper.rb
@@ -0,0 +1,47 @@
+module Tiktok::IntegrationHelper
+  # Generates a signed JWT token for Tiktok integration
+  #
+  # @param account_id [Integer] The account ID to encode in the token
+  # @return [String, nil] The encoded JWT token or nil if client secret is missing
+  def generate_tiktok_token(account_id)
+    return if client_secret.blank?
+
+    JWT.encode(token_payload(account_id), client_secret, 'HS256')
+  rescue StandardError => e
+    Rails.logger.error("Failed to generate TikTok token: #{e.message}")
+    nil
+  end
+
+  # Verifies and decodes a Tiktok JWT token
+  #
+  # @param token [String] The JWT token to verify
+  # @return [Integer, nil] The account ID from the token or nil if invalid
+  def verify_tiktok_token(token)
+    return if token.blank? || client_secret.blank?
+
+    decode_token(token, client_secret)
+  end
+
+  private
+
+  def client_secret
+    @client_secret ||= GlobalConfigService.load('TIKTOK_APP_SECRET', nil)
+  end
+
+  def token_payload(account_id)
+    {
+      sub: account_id,
+      iat: Time.current.to_i
+    }
+  end
+
+  def decode_token(token, secret)
+    JWT.decode(token, secret, true, {
+                 algorithm: 'HS256',
+                 verify_expiration: true
+               }).first['sub']
+  rescue StandardError => e
+    Rails.logger.error("Unexpected error verifying Tiktok token: #{e.message}")
+    nil
+  end
+end
diff --git a/app/javascript/dashboard/api/channel/tiktokClient.js b/app/javascript/dashboard/api/channel/tiktokClient.js
new file mode 100644
index 000000000..389eb2699
--- /dev/null
+++ b/app/javascript/dashboard/api/channel/tiktokClient.js
@@ -0,0 +1,14 @@
+/* global axios */
+import ApiClient from '../ApiClient';
+
+class TiktokChannel extends ApiClient {
+  constructor() {
+    super('tiktok', { accountScoped: true });
+  }
+
+  generateAuthorization(payload) {
+    return axios.post(`${this.url}/authorization`, payload);
+  }
+}
+
+export default new TiktokChannel();
diff --git a/app/javascript/dashboard/api/specs/tiktokClient.spec.js b/app/javascript/dashboard/api/specs/tiktokClient.spec.js
new file mode 100644
index 000000000..5250e2c7b
--- /dev/null
+++ b/app/javascript/dashboard/api/specs/tiktokClient.spec.js
@@ -0,0 +1,35 @@
+import ApiClient from '../ApiClient';
+import tiktokClient from '../channel/tiktokClient';
+
+describe('#TiktokClient', () => {
+  it('creates correct instance', () => {
+    expect(tiktokClient).toBeInstanceOf(ApiClient);
+    expect(tiktokClient).toHaveProperty('generateAuthorization');
+  });
+
+  describe('#generateAuthorization', () => {
+    const originalAxios = window.axios;
+    const originalPathname = window.location.pathname;
+    const axiosMock = {
+      post: vi.fn(() => Promise.resolve()),
+    };
+
+    beforeEach(() => {
+      window.axios = axiosMock;
+      window.history.pushState({}, '', '/app/accounts/1/settings');
+    });
+
+    afterEach(() => {
+      window.axios = originalAxios;
+      window.history.pushState({}, '', originalPathname);
+    });
+
+    it('posts to the authorization endpoint', () => {
+      tiktokClient.generateAuthorization({ state: 'test-state' });
+      expect(axiosMock.post).toHaveBeenCalledWith(
+        '/api/v1/accounts/1/tiktok/authorization',
+        { state: 'test-state' }
+      );
+    });
+  });
+});
diff --git a/app/javascript/dashboard/components-next/Contacts/ContactsForm/ContactsForm.vue b/app/javascript/dashboard/components-next/Contacts/ContactsForm/ContactsForm.vue
index e77a0c10d..3dc29738e 100644
--- a/app/javascript/dashboard/components-next/Contacts/ContactsForm/ContactsForm.vue
+++ b/app/javascript/dashboard/components-next/Contacts/ContactsForm/ContactsForm.vue
@@ -44,6 +44,7 @@ const SOCIAL_CONFIG = {
   LINKEDIN: 'i-ri-linkedin-box-fill',
   FACEBOOK: 'i-ri-facebook-circle-fill',
   INSTAGRAM: 'i-ri-instagram-line',
+  TIKTOK: 'i-ri-tiktok-fill',
   TWITTER: 'i-ri-twitter-x-fill',
   GITHUB: 'i-ri-github-fill',
 };
@@ -65,6 +66,7 @@ const defaultState = {
       facebook: '',
       github: '',
       instagram: '',
+      tiktok: '',
       linkedin: '',
       twitter: '',
     },
diff --git a/app/javascript/dashboard/components-next/icon/provider.js b/app/javascript/dashboard/components-next/icon/provider.js
index a356ae2fd..25b54d125 100644
--- a/app/javascript/dashboard/components-next/icon/provider.js
+++ b/app/javascript/dashboard/components-next/icon/provider.js
@@ -13,6 +13,7 @@ export function useChannelIcon(inbox) {
     'Channel::WebWidget': 'i-woot-website',
     'Channel::Whatsapp': 'i-woot-whatsapp',
     'Channel::Instagram': 'i-woot-instagram',
+    'Channel::Tiktok': 'i-woot-tiktok',
     'Channel::Voice': 'i-ri-phone-fill',
   };
 
diff --git a/app/javascript/dashboard/components-next/icon/specs/provider.spec.js b/app/javascript/dashboard/components-next/icon/specs/provider.spec.js
index e32df567d..7f2319b86 100644
--- a/app/javascript/dashboard/components-next/icon/specs/provider.spec.js
+++ b/app/javascript/dashboard/components-next/icon/specs/provider.spec.js
@@ -61,6 +61,12 @@ describe('useChannelIcon', () => {
     expect(icon).toBe('i-woot-instagram');
   });
 
+  it('returns correct icon for TikTok channel', () => {
+    const inbox = { channel_type: 'Channel::Tiktok' };
+    const { value: icon } = useChannelIcon(inbox);
+    expect(icon).toBe('i-woot-tiktok');
+  });
+
   describe('TwilioSms channel', () => {
     it('returns chat icon for regular Twilio SMS channel', () => {
       const inbox = { channel_type: 'Channel::TwilioSms' };
diff --git a/app/javascript/dashboard/components-next/message/Message.vue b/app/javascript/dashboard/components-next/message/Message.vue
index fabef6bc5..6fa7ff2b2 100644
--- a/app/javascript/dashboard/components-next/message/Message.vue
+++ b/app/javascript/dashboard/components-next/message/Message.vue
@@ -28,6 +28,7 @@ import ImageBubble from './bubbles/Image.vue';
 import FileBubble from './bubbles/File.vue';
 import AudioBubble from './bubbles/Audio.vue';
 import VideoBubble from './bubbles/Video.vue';
+import EmbedBubble from './bubbles/Embed.vue';
 import InstagramStoryBubble from './bubbles/InstagramStory.vue';
 import EmailBubble from './bubbles/Email/Index.vue';
 import UnsupportedBubble from './bubbles/Unsupported.vue';
@@ -317,6 +318,7 @@ const componentToRender = computed(() => {
       if (fileType === ATTACHMENT_TYPES.AUDIO) return AudioBubble;
       if (fileType === ATTACHMENT_TYPES.VIDEO) return VideoBubble;
       if (fileType === ATTACHMENT_TYPES.IG_REEL) return VideoBubble;
+      if (fileType === ATTACHMENT_TYPES.EMBED) return EmbedBubble;
       if (fileType === ATTACHMENT_TYPES.LOCATION) return LocationBubble;
     }
     // Attachment content is the name of the contact
diff --git a/app/javascript/dashboard/components-next/message/MessageMeta.vue b/app/javascript/dashboard/components-next/message/MessageMeta.vue
index e0602cb89..e633d7c3c 100644
--- a/app/javascript/dashboard/components-next/message/MessageMeta.vue
+++ b/app/javascript/dashboard/components-next/message/MessageMeta.vue
@@ -20,6 +20,7 @@ const {
   isAWhatsAppChannel,
   isAnEmailChannel,
   isAnInstagramChannel,
+  isATiktokChannel,
 } = useInbox();
 
 const {
@@ -60,7 +61,8 @@ const isSent = computed(() => {
     isAFacebookInbox.value ||
     isASmsInbox.value ||
     isATelegramChannel.value ||
-    isAnInstagramChannel.value
+    isAnInstagramChannel.value ||
+    isATiktokChannel.value
   ) {
     return sourceId.value && status.value === MESSAGE_STATUS.SENT;
   }
@@ -78,7 +80,8 @@ const isDelivered = computed(() => {
     isAWhatsAppChannel.value ||
     isATwilioChannel.value ||
     isASmsInbox.value ||
-    isAFacebookInbox.value
+    isAFacebookInbox.value ||
+    isATiktokChannel.value
   ) {
     return sourceId.value && status.value === MESSAGE_STATUS.DELIVERED;
   }
@@ -100,7 +103,8 @@ const isRead = computed(() => {
     isAWhatsAppChannel.value ||
     isATwilioChannel.value ||
     isAFacebookInbox.value ||
-    isAnInstagramChannel.value
+    isAnInstagramChannel.value ||
+    isATiktokChannel.value
   ) {
     return sourceId.value && status.value === MESSAGE_STATUS.READ;
   }
diff --git a/app/javascript/dashboard/components-next/message/bubbles/Embed.vue b/app/javascript/dashboard/components-next/message/bubbles/Embed.vue
new file mode 100644
index 000000000..4229e1a89
--- /dev/null
+++ b/app/javascript/dashboard/components-next/message/bubbles/Embed.vue
@@ -0,0 +1,30 @@
+<script setup>
+import { computed } from 'vue';
+import BaseBubble from './Base.vue';
+import { useMessageContext } from '../provider.js';
+import { useI18n } from 'vue-i18n';
+
+const { attachments } = useMessageContext();
+const { t } = useI18n();
+
+const attachment = computed(() => {
+  return attachments.value[0];
+});
+</script>
+
+<template>
+  <BaseBubble class="overflow-hidden p-3" data-bubble-name="embed">
+    <div
+      class="w-full max-w-[360px] sm:max-w-[420px] min-h-[520px] h-[70vh] max-h-[680px]"
+    >
+      <iframe
+        class="w-full h-full border-0 rounded-lg"
+        :title="t('CHAT_LIST.ATTACHMENTS.embed.CONTENT')"
+        :src="attachment.dataUrl"
+        loading="lazy"
+        allow="autoplay; encrypted-media; picture-in-picture"
+        allowfullscreen
+      />
+    </div>
+  </BaseBubble>
+</template>
diff --git a/app/javascript/dashboard/components-next/message/constants.js b/app/javascript/dashboard/components-next/message/constants.js
index 09985da81..9efae789c 100644
--- a/app/javascript/dashboard/components-next/message/constants.js
+++ b/app/javascript/dashboard/components-next/message/constants.js
@@ -49,6 +49,7 @@ export const ATTACHMENT_TYPES = {
   STORY_MENTION: 'story_mention',
   CONTACT: 'contact',
   IG_REEL: 'ig_reel',
+  EMBED: 'embed',
   IG_POST: 'ig_post',
   IG_STORY: 'ig_story',
 };
diff --git a/app/javascript/dashboard/components/widgets/ChannelItem.vue b/app/javascript/dashboard/components/widgets/ChannelItem.vue
index afd74409d..31c58da47 100644
--- a/app/javascript/dashboard/components/widgets/ChannelItem.vue
+++ b/app/javascript/dashboard/components/widgets/ChannelItem.vue
@@ -23,6 +23,10 @@ const hasInstagramConfigured = computed(() => {
   return window.chatwootConfig?.instagramAppId;
 });
 
+const hasTiktokConfigured = computed(() => {
+  return window.chatwootConfig?.tiktokAppId;
+});
+
 const isActive = computed(() => {
   const { key } = props.channel;
   if (Object.keys(props.enabledFeatures).length === 0) {
@@ -44,6 +48,10 @@ const isActive = computed(() => {
     );
   }
 
+  if (key === 'tiktok') {
+    return props.enabledFeatures.channel_tiktok && hasTiktokConfigured.value;
+  }
+
   if (key === 'voice') {
     return props.enabledFeatures.channel_voice;
   }
@@ -57,6 +65,7 @@ const isActive = computed(() => {
     'telegram',
     'line',
     'instagram',
+    'tiktok',
     'voice',
   ].includes(key);
 });
diff --git a/app/javascript/dashboard/components/widgets/conversation/MessagesView.vue b/app/javascript/dashboard/components/widgets/conversation/MessagesView.vue
index 8d35308cb..d8c04573d 100644
--- a/app/javascript/dashboard/components/widgets/conversation/MessagesView.vue
+++ b/app/javascript/dashboard/components/widgets/conversation/MessagesView.vue
@@ -205,6 +205,9 @@ export default {
       if (this.isAWhatsAppCloudChannel) {
         return REPLY_POLICY.WHATSAPP_CLOUD;
       }
+      if (this.isATiktokChannel) {
+        return REPLY_POLICY.TIKTOK;
+      }
       if (!this.isAPIInbox) {
         return REPLY_POLICY.TWILIO_WHATSAPP;
       }
@@ -218,6 +221,9 @@ export default {
       ) {
         return this.$t('CONVERSATION.24_HOURS_WINDOW');
       }
+      if (this.isATiktokChannel) {
+        return this.$t('CONVERSATION.48_HOURS_WINDOW');
+      }
       if (!this.isAPIInbox) {
         return this.$t('CONVERSATION.TWILIO_WHATSAPP_24_HOURS_WINDOW');
       }
diff --git a/app/javascript/dashboard/components/widgets/conversation/ReplyBox.vue b/app/javascript/dashboard/components/widgets/conversation/ReplyBox.vue
index ee4fa1641..40127aca3 100644
--- a/app/javascript/dashboard/components/widgets/conversation/ReplyBox.vue
+++ b/app/javascript/dashboard/components/widgets/conversation/ReplyBox.vue
@@ -234,6 +234,9 @@ export default {
       if (this.isAnInstagramChannel) {
         return MESSAGE_MAX_LENGTH.INSTAGRAM;
       }
+      if (this.isATiktokChannel) {
+        return MESSAGE_MAX_LENGTH.TIKTOK;
+      }
       if (this.isATwilioWhatsAppChannel) {
         return MESSAGE_MAX_LENGTH.TWILIO_WHATSAPP;
       }
diff --git a/app/javascript/dashboard/composables/spec/useInbox.spec.js b/app/javascript/dashboard/composables/spec/useInbox.spec.js
index 64dbcdd5f..71472a35b 100644
--- a/app/javascript/dashboard/composables/spec/useInbox.spec.js
+++ b/app/javascript/dashboard/composables/spec/useInbox.spec.js
@@ -48,6 +48,7 @@ const mockStore = createStore({
             12: { id: 12, channel_type: INBOX_TYPES.SMS },
             13: { id: 13, channel_type: INBOX_TYPES.INSTAGRAM },
             14: { id: 14, channel_type: INBOX_TYPES.VOICE },
+            15: { id: 15, channel_type: INBOX_TYPES.TIKTOK },
           };
           return inboxes[id] || null;
         },
@@ -215,6 +216,12 @@ describe('useInbox', () => {
         global: { plugins: [mockStore] },
       });
       expect(wrapper.vm.isAVoiceChannel).toBe(true);
+
+      // Test Tiktok
+      wrapper = mount(createTestComponent(15), {
+        global: { plugins: [mockStore] },
+      });
+      expect(wrapper.vm.isATiktokChannel).toBe(true);
     });
   });
 
@@ -266,6 +273,7 @@ describe('useInbox', () => {
         'is360DialogWhatsAppChannel',
         'isAnEmailChannel',
         'isAnInstagramChannel',
+        'isATiktokChannel',
         'isAVoiceChannel',
       ];
 
diff --git a/app/javascript/dashboard/composables/useInbox.js b/app/javascript/dashboard/composables/useInbox.js
index ae9738dd6..632d3556b 100644
--- a/app/javascript/dashboard/composables/useInbox.js
+++ b/app/javascript/dashboard/composables/useInbox.js
@@ -17,6 +17,7 @@ export const INBOX_FEATURE_MAP = {
     INBOX_TYPES.TWITTER,
     INBOX_TYPES.WHATSAPP,
     INBOX_TYPES.TELEGRAM,
+    INBOX_TYPES.TIKTOK,
     INBOX_TYPES.API,
   ],
   [INBOX_FEATURES.REPLY_TO_OUTGOING]: [
@@ -24,6 +25,7 @@ export const INBOX_FEATURE_MAP = {
     INBOX_TYPES.TWITTER,
     INBOX_TYPES.WHATSAPP,
     INBOX_TYPES.TELEGRAM,
+    INBOX_TYPES.TIKTOK,
     INBOX_TYPES.API,
   ],
 };
@@ -128,6 +130,10 @@ export const useInbox = (inboxId = null) => {
     return channelType.value === INBOX_TYPES.INSTAGRAM;
   });
 
+  const isATiktokChannel = computed(() => {
+    return channelType.value === INBOX_TYPES.TIKTOK;
+  });
+
   const isAVoiceChannel = computed(() => {
     return channelType.value === INBOX_TYPES.VOICE;
   });
@@ -149,6 +155,7 @@ export const useInbox = (inboxId = null) => {
     is360DialogWhatsAppChannel,
     isAnEmailChannel,
     isAnInstagramChannel,
+    isATiktokChannel,
     isAVoiceChannel,
   };
 };
diff --git a/app/javascript/dashboard/constants/editor.js b/app/javascript/dashboard/constants/editor.js
index 087caa99f..a1e4da28d 100644
--- a/app/javascript/dashboard/constants/editor.js
+++ b/app/javascript/dashboard/constants/editor.js
@@ -109,6 +109,11 @@ export const FORMATTING = {
     nodes: [],
     menu: [],
   },
+  'Channel::Tiktok': {
+    marks: [],
+    nodes: [],
+    menu: [],
+  },
   // Special contexts (not actual channels)
   'Context::Default': {
     marks: ['strong', 'em', 'code', 'link', 'strike'],
diff --git a/app/javascript/dashboard/featureFlags.js b/app/javascript/dashboard/featureFlags.js
index 0508826d6..803f88de3 100644
--- a/app/javascript/dashboard/featureFlags.js
+++ b/app/javascript/dashboard/featureFlags.js
@@ -37,6 +37,7 @@ export const FEATURE_FLAGS = {
   CHATWOOT_V4: 'chatwoot_v4',
   REPORT_V4: 'report_v4',
   CHANNEL_INSTAGRAM: 'channel_instagram',
+  CHANNEL_TIKTOK: 'channel_tiktok',
   CONTACT_CHATWOOT_SUPPORT_TEAM: 'contact_chatwoot_support_team',
   CAPTAIN_V2: 'captain_integration_v2',
   SAML: 'saml',
diff --git a/app/javascript/dashboard/helper/inbox.js b/app/javascript/dashboard/helper/inbox.js
index 05823e8a7..71cd0aa2c 100644
--- a/app/javascript/dashboard/helper/inbox.js
+++ b/app/javascript/dashboard/helper/inbox.js
@@ -10,6 +10,7 @@ export const INBOX_TYPES = {
   LINE: 'Channel::Line',
   SMS: 'Channel::Sms',
   INSTAGRAM: 'Channel::Instagram',
+  TIKTOK: 'Channel::Tiktok',
   VOICE: 'Channel::Voice',
 };
 
@@ -28,6 +29,7 @@ const INBOX_ICON_MAP_FILL = {
   [INBOX_TYPES.TELEGRAM]: 'i-ri-telegram-fill',
   [INBOX_TYPES.LINE]: 'i-ri-line-fill',
   [INBOX_TYPES.INSTAGRAM]: 'i-ri-instagram-fill',
+  [INBOX_TYPES.TIKTOK]: 'i-ri-tiktok-fill',
   [INBOX_TYPES.VOICE]: 'i-ri-phone-fill',
 };
 
@@ -43,6 +45,7 @@ const INBOX_ICON_MAP_LINE = {
   [INBOX_TYPES.TELEGRAM]: 'i-ri-telegram-line',
   [INBOX_TYPES.LINE]: 'i-ri-line-line',
   [INBOX_TYPES.INSTAGRAM]: 'i-ri-instagram-line',
+  [INBOX_TYPES.TIKTOK]: 'i-ri-tiktok-line',
   [INBOX_TYPES.VOICE]: 'i-ri-phone-line',
 };
 
@@ -136,6 +139,9 @@ export const getInboxClassByType = (type, phoneNumber) => {
     case INBOX_TYPES.INSTAGRAM:
       return 'brand-instagram';
 
+    case INBOX_TYPES.TIKTOK:
+      return 'brand-tiktok';
+
     case INBOX_TYPES.VOICE:
       return 'phone';
 
diff --git a/app/javascript/dashboard/helper/specs/inbox.spec.js b/app/javascript/dashboard/helper/specs/inbox.spec.js
index 76ce96fc8..784681546 100644
--- a/app/javascript/dashboard/helper/specs/inbox.spec.js
+++ b/app/javascript/dashboard/helper/specs/inbox.spec.js
@@ -38,6 +38,9 @@ describe('#Inbox Helpers', () => {
     it('should return correct class for Email', () => {
       expect(getInboxClassByType('Channel::Email')).toEqual('mail');
     });
+    it('should return correct class for TikTok', () => {
+      expect(getInboxClassByType(INBOX_TYPES.TIKTOK)).toEqual('brand-tiktok');
+    });
   });
 
   describe('getInboxIconByType', () => {
@@ -80,6 +83,10 @@ describe('#Inbox Helpers', () => {
         expect(getInboxIconByType(INBOX_TYPES.LINE)).toBe('i-ri-line-fill');
       });
 
+      it('returns correct icon for TikTok', () => {
+        expect(getInboxIconByType(INBOX_TYPES.TIKTOK)).toBe('i-ri-tiktok-fill');
+      });
+
       it('returns default icon for unknown type', () => {
         expect(getInboxIconByType('UNKNOWN_TYPE')).toBe('i-ri-chat-1-fill');
       });
@@ -102,6 +109,12 @@ describe('#Inbox Helpers', () => {
         );
       });
 
+      it('returns correct line icon for TikTok', () => {
+        expect(getInboxIconByType(INBOX_TYPES.TIKTOK, null, 'line')).toBe(
+          'i-ri-tiktok-line'
+        );
+      });
+
       it('returns correct line icon for unknown type', () => {
         expect(getInboxIconByType('UNKNOWN_TYPE', null, 'line')).toBe(
           'i-ri-chat-1-line'
diff --git a/app/javascript/dashboard/i18n/locale/en/chatlist.json b/app/javascript/dashboard/i18n/locale/en/chatlist.json
index ec416f6cb..92e67635b 100644
--- a/app/javascript/dashboard/i18n/locale/en/chatlist.json
+++ b/app/javascript/dashboard/i18n/locale/en/chatlist.json
@@ -102,6 +102,9 @@
       },
       "contact": {
         "CONTENT": "Shared contact"
+      },
+      "embed": {
+        "CONTENT": "Embedded content"
       }
     },
     "CHAT_SORT_BY_FILTER": {
diff --git a/app/javascript/dashboard/i18n/locale/en/contact.json b/app/javascript/dashboard/i18n/locale/en/contact.json
index e324e1951..32b37de55 100644
--- a/app/javascript/dashboard/i18n/locale/en/contact.json
+++ b/app/javascript/dashboard/i18n/locale/en/contact.json
@@ -458,6 +458,9 @@
           "INSTAGRAM": {
             "PLACEHOLDER": "Add Instagram"
           },
+          "TIKTOK": {
+            "PLACEHOLDER": "Add TikTok"
+          },
           "LINKEDIN": {
             "PLACEHOLDER": "Add LinkedIn"
           },
diff --git a/app/javascript/dashboard/i18n/locale/en/conversation.json b/app/javascript/dashboard/i18n/locale/en/conversation.json
index cfb41615b..d2f31e000 100644
--- a/app/javascript/dashboard/i18n/locale/en/conversation.json
+++ b/app/javascript/dashboard/i18n/locale/en/conversation.json
@@ -32,6 +32,7 @@
     "LOADING_CONVERSATIONS": "Loading Conversations",
     "CANNOT_REPLY": "You cannot reply due to",
     "24_HOURS_WINDOW": "24 hour message window restriction",
+    "48_HOURS_WINDOW": "48 hour message window restriction",
     "API_HOURS_WINDOW": "You can only reply to this conversation within {hours} hours",
     "NOT_ASSIGNED_TO_YOU": "This conversation is not assigned to you. Would you like to assign this conversation to yourself?",
     "ASSIGN_TO_ME": "Assign to me",
@@ -57,7 +58,7 @@
     },
     "UPLOADING_ATTACHMENTS": "Uploading attachments...",
     "REPLIED_TO_STORY": "Replied to your story",
-    "UNSUPPORTED_MESSAGE": "This message is unsupported. You can view this message on the Facebook / Instagram app.",
+    "UNSUPPORTED_MESSAGE": "This message is unsupported. To view it, please open it on the original platform.",
     "UNSUPPORTED_MESSAGE_FACEBOOK": "This message is unsupported. You can view this message on the Facebook Messenger app.",
     "UNSUPPORTED_MESSAGE_INSTAGRAM": "This message is unsupported. You can view this message on the Instagram app.",
     "SUCCESS_DELETE_MESSAGE": "Message deleted successfully",
diff --git a/app/javascript/dashboard/i18n/locale/en/inboxMgmt.json b/app/javascript/dashboard/i18n/locale/en/inboxMgmt.json
index a4092289e..fa15f5f4d 100644
--- a/app/javascript/dashboard/i18n/locale/en/inboxMgmt.json
+++ b/app/javascript/dashboard/i18n/locale/en/inboxMgmt.json
@@ -57,6 +57,13 @@
         "NEW_INBOX_SUGGESTION": "This Instagram account was previously linked to a different inbox and has now been migrated here. All new messages will appear here. The old inbox will no longer be able to send or receive messages for this account.",
         "DUPLICATE_INBOX_BANNER": "This Instagram account was migrated to the new Instagram channel inbox. You won’t be able to send/receive Instagram messages from this inbox anymore."
       },
+      "TIKTOK": {
+        "CONTINUE_WITH_TIKTOK": "Continue with TikTok",
+        "CONNECT_YOUR_TIKTOK_PROFILE": "Connect your TikTok Profile",
+        "HELP": "To add your TikTok profile as a channel, you need to authenticate your TikTok Profile by clicking on 'Continue with TikTok' ",
+        "ERROR_MESSAGE": "There was an error connecting to TikTok, please try again",
+        "ERROR_AUTH": "There was an error connecting to TikTok, please try again"
+      },
       "TWITTER": {
         "HELP": "To add your Twitter profile as a channel, you need to authenticate your Twitter Profile by clicking on 'Sign in with Twitter' ",
         "ERROR_MESSAGE": "There was an error connecting to Twitter, please try again",
@@ -471,6 +478,10 @@
             "TITLE": "Instagram",
             "DESCRIPTION": "Connect your instagram account"
           },
+          "TIKTOK": {
+            "TITLE": "TikTok",
+            "DESCRIPTION": "Connect your TikTok account"
+          },
           "VOICE": {
             "TITLE": "Voice",
             "DESCRIPTION": "Integrate with Twilio Voice"
@@ -1009,6 +1020,7 @@
       "LINE": "Line",
       "API": "API Channel",
       "INSTAGRAM": "Instagram",
+      "TIKTOK": "TikTok",
       "VOICE": "Voice"
     }
   }
diff --git a/app/javascript/dashboard/routes/dashboard/conversation/contact/ContactForm.vue b/app/javascript/dashboard/routes/dashboard/conversation/contact/ContactForm.vue
index 4009d699c..2ada95084 100644
--- a/app/javascript/dashboard/routes/dashboard/conversation/contact/ContactForm.vue
+++ b/app/javascript/dashboard/routes/dashboard/conversation/contact/ContactForm.vue
@@ -62,6 +62,7 @@ export default {
         { key: 'twitter', prefixURL: 'https://twitter.com/' },
         { key: 'linkedin', prefixURL: 'https://linkedin.com/' },
         { key: 'github', prefixURL: 'https://github.com/' },
+        { key: 'tiktok', prefixURL: 'https://tiktok.com/@' },
       ],
     };
   },
diff --git a/app/javascript/dashboard/routes/dashboard/conversation/contact/SocialIcons.vue b/app/javascript/dashboard/routes/dashboard/conversation/contact/SocialIcons.vue
index b5c4b12be..1c24d181d 100644
--- a/app/javascript/dashboard/routes/dashboard/conversation/contact/SocialIcons.vue
+++ b/app/javascript/dashboard/routes/dashboard/conversation/contact/SocialIcons.vue
@@ -15,6 +15,7 @@ export default {
         { key: 'github', icon: 'github', link: 'https://github.com/' },
         { key: 'instagram', icon: 'instagram', link: 'https://instagram.com/' },
         { key: 'telegram', icon: 'telegram', link: 'https://t.me/' },
+        { key: 'tiktok', icon: 'tiktok', link: 'https://tiktok.com/@' },
       ],
     };
   },
diff --git a/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelFactory.vue b/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelFactory.vue
index 609365e20..7d1d58854 100644
--- a/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelFactory.vue
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelFactory.vue
@@ -10,6 +10,7 @@ import Whatsapp from './channels/Whatsapp.vue';
 import Line from './channels/Line.vue';
 import Telegram from './channels/Telegram.vue';
 import Instagram from './channels/Instagram.vue';
+import Tiktok from './channels/Tiktok.vue';
 import Voice from './channels/Voice.vue';
 
 const channelViewList = {
@@ -23,6 +24,7 @@ const channelViewList = {
   line: Line,
   telegram: Telegram,
   instagram: Instagram,
+  tiktok: Tiktok,
   voice: Voice,
 };
 
diff --git a/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelList.vue b/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelList.vue
index f3faad1dd..d6fe854a7 100644
--- a/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelList.vue
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/ChannelList.vue
@@ -16,9 +16,13 @@ const globalConfig = useMapGetter('globalConfig/get');
 
 const enabledFeatures = ref({});
 
+const hasTiktokConfigured = computed(() => {
+  return window.chatwootConfig?.tiktokAppId;
+});
+
 const channelList = computed(() => {
   const { apiChannelName } = globalConfig.value;
-  return [
+  const channels = [
     {
       key: 'website',
       title: t('INBOX_MGMT.ADD.AUTH.CHANNEL.WEBSITE.TITLE'),
@@ -73,13 +77,25 @@ const channelList = computed(() => {
       description: t('INBOX_MGMT.ADD.AUTH.CHANNEL.INSTAGRAM.DESCRIPTION'),
       icon: 'i-woot-instagram',
     },
-    {
-      key: 'voice',
-      title: t('INBOX_MGMT.ADD.AUTH.CHANNEL.VOICE.TITLE'),
-      description: t('INBOX_MGMT.ADD.AUTH.CHANNEL.VOICE.DESCRIPTION'),
-      icon: 'i-ri-phone-fill',
-    },
   ];
+
+  if (hasTiktokConfigured.value) {
+    channels.push({
+      key: 'tiktok',
+      title: t('INBOX_MGMT.ADD.AUTH.CHANNEL.TIKTOK.TITLE'),
+      description: t('INBOX_MGMT.ADD.AUTH.CHANNEL.TIKTOK.DESCRIPTION'),
+      icon: 'i-woot-tiktok',
+    });
+  }
+
+  channels.push({
+    key: 'voice',
+    title: t('INBOX_MGMT.ADD.AUTH.CHANNEL.VOICE.TITLE'),
+    description: t('INBOX_MGMT.ADD.AUTH.CHANNEL.VOICE.DESCRIPTION'),
+    icon: 'i-ri-phone-fill',
+  });
+
+  return channels;
 });
 
 const initializeEnabledFeatures = async () => {
diff --git a/app/javascript/dashboard/routes/dashboard/settings/inbox/Settings.vue b/app/javascript/dashboard/routes/dashboard/settings/inbox/Settings.vue
index 6a10d0986..a27243f63 100644
--- a/app/javascript/dashboard/routes/dashboard/settings/inbox/Settings.vue
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/Settings.vue
@@ -9,6 +9,7 @@ import SettingsSection from '../../../../components/SettingsSection.vue';
 import inboxMixin from 'shared/mixins/inboxMixin';
 import FacebookReauthorize from './facebook/Reauthorize.vue';
 import InstagramReauthorize from './channels/instagram/Reauthorize.vue';
+import TiktokReauthorize from './channels/tiktok/Reauthorize.vue';
 import DuplicateInboxBanner from './channels/instagram/DuplicateInboxBanner.vue';
 import MicrosoftReauthorize from './channels/microsoft/Reauthorize.vue';
 import GoogleReauthorize from './channels/google/Reauthorize.vue';
@@ -48,6 +49,7 @@ export default {
     GoogleReauthorize,
     NextButton,
     InstagramReauthorize,
+    TiktokReauthorize,
     WhatsappReauthorize,
     DuplicateInboxBanner,
     Editor,
@@ -248,6 +250,9 @@ export default {
     instagramUnauthorized() {
       return this.isAnInstagramChannel && this.inbox.reauthorization_required;
     },
+    tiktokUnauthorized() {
+      return this.isATiktokChannel && this.inbox.reauthorization_required;
+    },
     // Check if a instagram inbox exists with the same instagram_id
     hasDuplicateInstagramInbox() {
       const instagramId = this.inbox.instagram_id;
@@ -524,6 +529,7 @@ export default {
       <FacebookReauthorize v-if="facebookUnauthorized" :inbox="inbox" />
       <GoogleReauthorize v-if="googleUnauthorized" :inbox="inbox" />
       <InstagramReauthorize v-if="instagramUnauthorized" :inbox="inbox" />
+      <TiktokReauthorize v-if="tiktokUnauthorized" :inbox="inbox" />
       <WhatsappReauthorize
         v-if="whatsappUnauthorized"
         :whatsapp-registration-incomplete="whatsappRegistrationIncomplete"
diff --git a/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Instagram.vue b/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Instagram.vue
index bf714e71b..f603cfc56 100644
--- a/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Instagram.vue
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Instagram.vue
@@ -1,63 +1,46 @@
-<script>
-import { useVuelidate } from '@vuelidate/core';
-import { useAccount } from 'dashboard/composables/useAccount';
+<script setup>
+import { ref, onMounted } from 'vue';
+import { useI18n } from 'vue-i18n';
 import instagramClient from 'dashboard/api/channel/instagramClient';
+import Button from 'dashboard/components-next/button/Button.vue';
 
-export default {
-  setup() {
-    const { accountId } = useAccount();
-    return {
-      accountId,
-      v$: useVuelidate(),
-    };
-  },
-  data() {
-    return {
-      isCreating: false,
-      hasError: false,
-      errorStateMessage: '',
-      errorStateDescription: '',
-      isRequestingAuthorization: false,
-    };
-  },
+const { t } = useI18n();
 
-  mounted() {
-    const urlParams = new URLSearchParams(window.location.search);
-    //  TODO: Handle error type
-    // const errorType = urlParams.get('error_type');
-    const errorCode = urlParams.get('code');
-    const errorMessage = urlParams.get('error_message');
+const hasError = ref(false);
+const errorStateMessage = ref('');
+const errorStateDescription = ref('');
+const isRequestingAuthorization = ref(false);
 
-    if (errorMessage) {
-      this.hasError = true;
-      if (errorCode === '400') {
-        this.errorStateMessage = errorMessage;
-        this.errorStateDescription = this.$t(
-          'INBOX_MGMT.ADD.INSTAGRAM.ERROR_AUTH'
-        );
-      } else {
-        this.errorStateMessage = this.$t(
-          'INBOX_MGMT.ADD.INSTAGRAM.ERROR_MESSAGE'
-        );
-        this.errorStateDescription = errorMessage;
-      }
+onMounted(() => {
+  const urlParams = new URLSearchParams(window.location.search);
+  //  TODO: Handle error type
+  // const errorType = urlParams.get('error_type');
+  const errorCode = urlParams.get('code');
+  const errorMessage = urlParams.get('error_message');
+
+  if (errorMessage) {
+    hasError.value = true;
+    if (errorCode === '400') {
+      errorStateMessage.value = errorMessage;
+      errorStateDescription.value = t('INBOX_MGMT.ADD.INSTAGRAM.ERROR_AUTH');
+    } else {
+      errorStateMessage.value = t('INBOX_MGMT.ADD.INSTAGRAM.ERROR_MESSAGE');
+      errorStateDescription.value = errorMessage;
     }
-    // User need to remove the error params from the url to avoid the error to be shown again after page reload, so that user can try again
-    const cleanURL = window.location.pathname;
-    window.history.replaceState({}, document.title, cleanURL);
-  },
+  }
+  // User need to remove the error params from the url to avoid the error to be shown again after page reload, so that user can try again
+  const cleanURL = window.location.pathname;
+  window.history.replaceState({}, document.title, cleanURL);
+});
 
-  methods: {
-    async requestAuthorization() {
-      this.isRequestingAuthorization = true;
-      const response = await instagramClient.generateAuthorization();
-      const {
-        data: { url },
-      } = response;
+const requestAuthorization = async () => {
+  isRequestingAuthorization.value = true;
+  const response = await instagramClient.generateAuthorization();
+  const {
+    data: { url },
+  } = response;
 
-      window.location.href = url;
-    },
-  },
+  window.location.href = url;
 };
 </script>
 
@@ -81,38 +64,15 @@ export default {
         <p class="py-6 text-sm text-n-slate-11">
           {{ $t('INBOX_MGMT.ADD.INSTAGRAM.HELP') }}
         </p>
-        <button
-          class="flex items-center justify-center px-8 py-3.5 gap-2 text-white rounded-full bg-gradient-to-r from-[#833AB4] via-[#FD1D1D] to-[#FCAF45] hover:shadow-lg transition-all duration-300 min-w-[240px] overflow-hidden"
+        <Button
+          class="text-white !rounded-full !px-6 bg-gradient-to-r from-[#833AB4] via-[#FD1D1D] to-[#FCAF45]"
+          lg
+          icon="i-ri-instagram-line"
           :disabled="isRequestingAuthorization"
+          :is-loading="isRequestingAuthorization"
+          :label="$t('INBOX_MGMT.ADD.INSTAGRAM.CONTINUE_WITH_INSTAGRAM')"
           @click="requestAuthorization()"
-        >
-          <span class="i-ri-instagram-line size-5" />
-          <span class="text-base font-medium">
-            {{ $t('INBOX_MGMT.ADD.INSTAGRAM.CONTINUE_WITH_INSTAGRAM') }}
-          </span>
-          <span v-if="isRequestingAuthorization" class="ml-2">
-            <svg
-              class="w-5 h-5 animate-spin"
-              xmlns="http://www.w3.org/2000/svg"
-              fill="none"
-              viewBox="0 0 24 24"
-            >
-              <circle
-                class="opacity-25"
-                cx="12"
-                cy="12"
-                r="10"
-                stroke="currentColor"
-                stroke-width="4"
-              />
-              <path
-                class="opacity-75"
-                fill="currentColor"
-                d="M4 12a8 8 0 018-8V0C5.373 0 0 5.373 0 12h4zm2 5.291A7.962 7.962 0 014 12H0c0 3.042 1.135 5.824 3 7.938l3-2.647z"
-              />
-            </svg>
-          </span>
-        </button>
+        />
       </div>
     </div>
   </div>
diff --git a/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Tiktok.vue b/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Tiktok.vue
new file mode 100644
index 000000000..50a326835
--- /dev/null
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/Tiktok.vue
@@ -0,0 +1,79 @@
+<script setup>
+import { ref, onMounted } from 'vue';
+import { useI18n } from 'vue-i18n';
+import tiktokClient from 'dashboard/api/channel/tiktokClient';
+import Button from 'dashboard/components-next/button/Button.vue';
+
+const { t } = useI18n();
+
+const hasError = ref(false);
+const errorStateMessage = ref('');
+const errorStateDescription = ref('');
+const isRequestingAuthorization = ref(false);
+
+onMounted(() => {
+  const urlParams = new URLSearchParams(window.location.search);
+  //  TODO: Handle error type
+  // const errorType = urlParams.get('error_type');
+  const errorCode = urlParams.get('code');
+  const errorMessage = urlParams.get('error_message');
+
+  if (errorMessage) {
+    hasError.value = true;
+    if (errorCode === '400') {
+      errorStateMessage.value = errorMessage;
+      errorStateDescription.value = t('INBOX_MGMT.ADD.TIKTOK.ERROR_AUTH');
+    } else {
+      errorStateMessage.value = t('INBOX_MGMT.ADD.TIKTOK.ERROR_MESSAGE');
+      errorStateDescription.value = errorMessage;
+    }
+  }
+  // User need to remove the error params from the url to avoid the error to be shown again after page reload, so that user can try again
+  const cleanURL = window.location.pathname;
+  window.history.replaceState({}, document.title, cleanURL);
+});
+
+const requestAuthorization = async () => {
+  isRequestingAuthorization.value = true;
+  const response = await tiktokClient.generateAuthorization();
+  const {
+    data: { url },
+  } = response;
+
+  window.location.href = url;
+};
+</script>
+
+<template>
+  <div class="h-full p-6 w-full max-w-full flex-shrink-0 flex-grow-0">
+    <div class="flex flex-col items-center justify-start h-full text-center">
+      <div v-if="hasError" class="max-w-lg mx-auto text-center">
+        <h5>{{ errorStateMessage }}</h5>
+        <p
+          v-if="errorStateDescription"
+          v-dompurify-html="errorStateDescription"
+        />
+      </div>
+      <div
+        v-else
+        class="flex flex-col items-center justify-center px-8 py-10 text-center rounded-2xl outline outline-1 outline-n-weak"
+      >
+        <h6 class="text-2xl font-medium">
+          {{ $t('INBOX_MGMT.ADD.TIKTOK.CONNECT_YOUR_TIKTOK_PROFILE') }}
+        </h6>
+        <p class="py-6 text-sm text-n-slate-11">
+          {{ $t('INBOX_MGMT.ADD.TIKTOK.HELP') }}
+        </p>
+        <Button
+          class="text-white !rounded-full !px-6 bg-gradient-to-r from-[#00f2ea] via-[#ff0050] to-[#000000]"
+          lg
+          icon="i-ri-tiktok-line"
+          :disabled="isRequestingAuthorization"
+          :is-loading="isRequestingAuthorization"
+          :label="$t('INBOX_MGMT.ADD.TIKTOK.CONTINUE_WITH_TIKTOK')"
+          @click="requestAuthorization()"
+        />
+      </div>
+    </div>
+  </div>
+</template>
diff --git a/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/tiktok/Reauthorize.vue b/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/tiktok/Reauthorize.vue
new file mode 100644
index 000000000..5d48c6f8c
--- /dev/null
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/channels/tiktok/Reauthorize.vue
@@ -0,0 +1,37 @@
+<script setup>
+import { ref } from 'vue';
+import InboxReconnectionRequired from '../../components/InboxReconnectionRequired.vue';
+
+import tiktokClient from 'dashboard/api/channel/tiktokClient';
+
+import { useI18n } from 'vue-i18n';
+import { useAlert } from 'dashboard/composables';
+
+const { t } = useI18n();
+
+const isRequestingAuthorization = ref(false);
+
+async function requestAuthorization() {
+  try {
+    isRequestingAuthorization.value = true;
+    const response = await tiktokClient.generateAuthorization();
+
+    const {
+      data: { url },
+    } = response;
+
+    window.location.href = url;
+  } catch (error) {
+    useAlert(t('INBOX_MGMT.ADD.TIKTOK.ERROR_AUTH'));
+  } finally {
+    isRequestingAuthorization.value = false;
+  }
+}
+</script>
+
+<template>
+  <InboxReconnectionRequired
+    class="mx-8 mt-5"
+    @reauthorize="requestAuthorization"
+  />
+</template>
diff --git a/app/javascript/dashboard/routes/dashboard/settings/inbox/components/ChannelName.vue b/app/javascript/dashboard/routes/dashboard/settings/inbox/components/ChannelName.vue
index 4ff8b1ab1..1804e1224 100644
--- a/app/javascript/dashboard/routes/dashboard/settings/inbox/components/ChannelName.vue
+++ b/app/javascript/dashboard/routes/dashboard/settings/inbox/components/ChannelName.vue
@@ -29,6 +29,7 @@ const i18nMap = {
   'Channel::Line': 'LINE',
   'Channel::Api': 'API',
   'Channel::Instagram': 'INSTAGRAM',
+  'Channel::Tiktok': 'TIKTOK',
   'Channel::Voice': 'VOICE',
 };
 
diff --git a/app/javascript/dashboard/store/modules/inboxes.js b/app/javascript/dashboard/store/modules/inboxes.js
index 5d788e8ce..ac7d1483e 100644
--- a/app/javascript/dashboard/store/modules/inboxes.js
+++ b/app/javascript/dashboard/store/modules/inboxes.js
@@ -165,6 +165,13 @@ export const getters = {
         item.channel_type === INBOX_TYPES.INSTAGRAM
     );
   },
+  getTiktokInboxByBusinessId: $state => businessId => {
+    return $state.records.find(
+      item =>
+        item.business_id === businessId &&
+        item.channel_type === INBOX_TYPES.TIKTOK
+    );
+  },
 };
 
 const sendAnalyticsEvent = channelType => {
diff --git a/app/javascript/dashboard/store/modules/specs/inboxes/fixtures.js b/app/javascript/dashboard/store/modules/specs/inboxes/fixtures.js
index 382df4828..cc2d6bbf3 100644
--- a/app/javascript/dashboard/store/modules/specs/inboxes/fixtures.js
+++ b/app/javascript/dashboard/store/modules/specs/inboxes/fixtures.js
@@ -71,4 +71,12 @@ export default [
     instagram_id: 123456789,
     provider: 'default',
   },
+  {
+    id: 8,
+    channel_id: 8,
+    name: 'Test TikTok 1',
+    channel_type: 'Channel::Tiktok',
+    business_id: 123456789,
+    provider: 'default',
+  },
 ];
diff --git a/app/javascript/dashboard/store/modules/specs/inboxes/getters.spec.js b/app/javascript/dashboard/store/modules/specs/inboxes/getters.spec.js
index ac2aab26b..5885836ed 100644
--- a/app/javascript/dashboard/store/modules/specs/inboxes/getters.spec.js
+++ b/app/javascript/dashboard/store/modules/specs/inboxes/getters.spec.js
@@ -27,7 +27,7 @@ describe('#getters', () => {
 
   it('dialogFlowEnabledInboxes', () => {
     const state = { records: inboxList };
-    expect(getters.dialogFlowEnabledInboxes(state).length).toEqual(7);
+    expect(getters.dialogFlowEnabledInboxes(state).length).toEqual(8);
   });
 
   it('getInbox', () => {
@@ -95,6 +95,18 @@ describe('#getters', () => {
     });
   });
 
+  it('getTiktokInboxByBusinessId', () => {
+    const state = { records: inboxList };
+    expect(getters.getTiktokInboxByBusinessId(state)(123456789)).toEqual({
+      id: 8,
+      channel_id: 8,
+      name: 'Test TikTok 1',
+      channel_type: 'Channel::Tiktok',
+      business_id: 123456789,
+      provider: 'default',
+    });
+  });
+
   describe('getFilteredWhatsAppTemplates', () => {
     it('returns empty array when inbox not found', () => {
       const state = { records: [] };
diff --git a/app/javascript/shared/components/FluentIcon/dashboard-icons.json b/app/javascript/shared/components/FluentIcon/dashboard-icons.json
index 918d012be..3c130f874 100644
--- a/app/javascript/shared/components/FluentIcon/dashboard-icons.json
+++ b/app/javascript/shared/components/FluentIcon/dashboard-icons.json
@@ -45,6 +45,7 @@
   "bot-outline": "M17.753 14a2.25 2.25 0 0 1 2.25 2.25v.905a3.75 3.75 0 0 1-1.307 2.846C17.13 21.345 14.89 22 12 22c-2.89 0-5.128-.656-6.691-2a3.75 3.75 0 0 1-1.306-2.843v-.908A2.25 2.25 0 0 1 6.253 14h11.5Zm0 1.5h-11.5a.75.75 0 0 0-.75.75v.908c0 .655.286 1.278.784 1.706C7.545 19.945 9.44 20.502 12 20.502c2.56 0 4.458-.557 5.719-1.64a2.25 2.25 0 0 0 .784-1.706v-.906a.75.75 0 0 0-.75-.75ZM11.898 2.008 12 2a.75.75 0 0 1 .743.648l.007.102V3.5h3.5a2.25 2.25 0 0 1 2.25 2.25v4.505a2.25 2.25 0 0 1-2.25 2.25h-8.5a2.25 2.25 0 0 1-2.25-2.25V5.75A2.25 2.25 0 0 1 7.75 3.5h3.5v-.749a.75.75 0 0 1 .648-.743L12 2l-.102.007ZM16.25 5h-8.5a.75.75 0 0 0-.75.75v4.505c0 .414.336.75.75.75h8.5a.75.75 0 0 0 .75-.75V5.75a.75.75 0 0 0-.75-.75Zm-6.5 1.5a1.25 1.25 0 1 1 0 2.5 1.25 1.25 0 0 1 0-2.5Zm4.492 0a1.25 1.25 0 1 1 0 2.499 1.25 1.25 0 0 1 0-2.499Z",
   "brand-facebook-outline": "M24 12.073c0-6.627-5.373-12-12-12s-12 5.373-12 12c0 5.99 4.388 10.954 10.125 11.854v-8.385H7.078v-3.47h3.047V9.43c0-3.007 1.792-4.669 4.533-4.669 1.312 0 2.686.235 2.686.235v2.953H15.83c-1.491 0-1.956.925-1.956 1.874v2.25h3.328l-.532 3.47h-2.796v8.385C19.612 23.027 24 18.062 24 12.073z",
   "brand-instagram-outline": "M 8 3 C 5.243 3 3 5.243 3 8 L 3 16 C 3 18.757 5.243 21 8 21 L 16 21 C 18.757 21 21 18.757 21 16 L 21 8 C 21 5.243 18.757 3 16 3 L 8 3 z M 8 5 L 16 5 C 17.654 5 19 6.346 19 8 L 19 16 C 19 17.654 17.654 19 16 19 L 8 19 C 6.346 19 5 17.654 5 16 L 5 8 C 5 6.346 6.346 5 8 5 z M 17 6 A 1 1 0 0 0 16 7 A 1 1 0 0 0 17 8 A 1 1 0 0 0 18 7 A 1 1 0 0 0 17 6 z M 12 7 C 9.243 7 7 9.243 7 12 C 7 14.757 9.243 17 12 17 C 14.757 17 17 14.757 17 12 C 17 9.243 14.757 7 12 7 z M 12 9 C 13.654 9 15 10.346 15 12 C 15 13.654 13.654 15 12 15 C 10.346 15 9 13.654 9 12 C 9 10.346 10.346 9 12 9 z",
+  "brand-tiktok-outline": "M 8 3 C 5.243 3 3 5.243 3 8 L 3 16 C 3 18.757 5.243 21 8 21 L 16 21 C 18.757 21 21 18.757 21 16 L 21 8 C 21 5.243 18.757 3 16 3 L 8 3 z M 8 5 L 16 5 C 17.654 5 19 6.346 19 8 L 19 16 C 19 17.654 17.654 19 16 19 L 8 19 C 6.346 19 5 17.654 5 16 L 5 8 C 5 6.346 6.346 5 8 5 z M 17 6 A 1 1 0 0 0 16 7 A 1 1 0 0 0 17 8 A 1 1 0 0 0 18 7 A 1 1 0 0 0 17 6 z M 12 7 C 9.243 7 7 9.243 7 12 C 7 14.757 9.243 17 12 17 C 14.757 17 17 14.757 17 12 C 17 9.243 14.757 7 12 7 z M 12 9 C 13.654 9 15 10.346 15 12 C 15 13.654 13.654 15 12 15 C 10.346 15 9 13.654 9 12 C 9 10.346 10.346 9 12 9 z",
   "brand-github-outline": "M12 0C5.37 0 0 5.37 0 12c0 5.31 3.435 9.795 8.205 11.385c.6.105.825-.255.825-.57c0-.285-.015-1.23-.015-2.235c-3.015.555-3.795-.735-4.035-1.41c-.135-.345-.72-1.41-1.23-1.695c-.42-.225-1.02-.78-.015-.795c.945-.015 1.62.87 1.845 1.23c1.08 1.815 2.805 1.305 3.495.99c.105-.78.42-1.305.765-1.605c-2.67-.3-5.46-1.335-5.46-5.925c0-1.305.465-2.385 1.23-3.225c-.12-.3-.54-1.53.12-3.18c0 0 1.005-.315 3.3 1.23c.96-.27 1.98-.405 3-.405s2.04.135 3 .405c2.295-1.56 3.3-1.23 3.3-1.23c.66 1.65.24 2.88.12 3.18c.765.84 1.23 1.905 1.23 3.225c0 4.605-2.805 5.625-5.475 5.925c.435.375.81 1.095.81 2.22c0 1.605-.015 2.895-.015 3.3c0 .315.225.69.825.57A12.02 12.02 0 0 0 24 12c0-6.63-5.37-12-12-12Z",
   "brand-line-outline": "M19.365 9.863c.349 0 .63.285.63.631 0 .345-.281.63-.63.63H17.61v1.125h1.755c.349 0 .63.283.63.63 0 .344-.281.629-.63.629h-2.386c-.345 0-.627-.285-.627-.629V8.108c0-.345.282-.63.63-.63h2.386c.346 0 .627.285.627.63 0 .349-.281.63-.63.63H17.61v1.125h1.755zm-3.855 3.016c0 .27-.174.51-.432.596-.064.021-.133.031-.199.031-.211 0-.391-.09-.51-.25l-2.443-3.317v2.94c0 .344-.279.629-.631.629-.346 0-.626-.285-.626-.629V8.108c0-.27.173-.51.43-.595.06-.023.136-.033.194-.033.195 0 .375.104.495.254l2.462 3.33V8.108c0-.345.282-.63.63-.63.345 0 .63.285.63.63v4.771zm-5.741 0c0 .344-.282.629-.631.629-.345 0-.627-.285-.627-.629V8.108c0-.345.282-.63.63-.63.346 0 .628.285.628.63v4.771zm-2.466.629H4.917c-.345 0-.63-.285-.63-.629V8.108c0-.345.285-.63.63-.63.348 0 .63.285.63.63v4.141h1.756c.348 0 .629.283.629.63 0 .344-.282.629-.629.629M24 10.314C24 4.943 18.615.572 12 .572S0 4.943 0 10.314c0 4.811 4.27 8.842 10.035 9.608.391.082.923.258 1.058.59.12.301.079.766.038 1.08l-.164 1.02c-.045.301-.24 1.186 1.049.645 1.291-.539 6.916-4.078 9.436-6.975C23.176 14.393 24 12.458 24 10.314",
   "brand-linkedin-outline": "M20.447 20.452h-3.554v-5.569c0-1.328-.027-3.037-1.852-3.037-1.853 0-2.136 1.445-2.136 2.939v5.667H9.351V9h3.414v1.561h.046c.477-.9 1.637-1.85 3.37-1.85 3.601 0 4.267 2.37 4.267 5.455v6.286zM5.337 7.433c-1.144 0-2.063-.926-2.063-2.065 0-1.138.92-2.063 2.063-2.063 1.14 0 2.064.925 2.064 2.063 0 1.139-.925 2.065-2.064 2.065zm1.782 13.019H3.555V9h3.564v11.452zM22.225 0H1.771C.792 0 0 .774 0 1.729v20.542C0 23.227.792 24 1.771 24h20.451C23.2 24 24 23.227 24 22.271V1.729C24 .774 23.2 0 22.222 0h.003z",
diff --git a/app/javascript/shared/constants/links.js b/app/javascript/shared/constants/links.js
index 94d3de3f6..4797cec4e 100644
--- a/app/javascript/shared/constants/links.js
+++ b/app/javascript/shared/constants/links.js
@@ -5,6 +5,7 @@ export const REPLY_POLICY = {
     'https://www.twilio.com/docs/whatsapp/tutorial/send-whatsapp-notification-messages-templates#sending-non-template-messages-within-a-24-hour-session',
   WHATSAPP_CLOUD:
     'https://business.whatsapp.com/policy#:~:text=You%20may%20reply%20to%20a,messages%20via%20approved%20Message%20Templates.',
+  TIKTOK: 'https://business-api.tiktok.com/portal/docs?id=1832184236919810',
 };
 
 export const CHANGELOG_API_URL = 'https://hub.2.chatwoot.com/changelogs';
diff --git a/app/javascript/shared/helpers/MessageTypeHelper.js b/app/javascript/shared/helpers/MessageTypeHelper.js
index 1e6cf454c..d2bc6f187 100644
--- a/app/javascript/shared/helpers/MessageTypeHelper.js
+++ b/app/javascript/shared/helpers/MessageTypeHelper.js
@@ -8,6 +8,8 @@ export const MESSAGE_MAX_LENGTH = {
   FACEBOOK: 2000,
   // https://developers.facebook.com/docs/instagram-platform/instagram-api-with-instagram-login/messaging-api#send-a-text-message
   INSTAGRAM: 1000,
+  // https://business-api.tiktok.com/portal/docs?id=1832184403754242
+  TIKTOK: 6000,
   // https://www.twilio.com/docs/glossary/what-sms-character-limit
   TWILIO_SMS: 320,
   // https://help.twilio.com/articles/360033806753-Maximum-Message-Length-with-Twilio-Programmable-Messaging
diff --git a/app/javascript/shared/mixins/inboxMixin.js b/app/javascript/shared/mixins/inboxMixin.js
index c1f48f6f4..3fe04dc11 100644
--- a/app/javascript/shared/mixins/inboxMixin.js
+++ b/app/javascript/shared/mixins/inboxMixin.js
@@ -14,6 +14,7 @@ export const INBOX_FEATURE_MAP = {
     INBOX_TYPES.TWITTER,
     INBOX_TYPES.WHATSAPP,
     INBOX_TYPES.TELEGRAM,
+    INBOX_TYPES.TIKTOK,
     INBOX_TYPES.API,
   ],
   [INBOX_FEATURES.REPLY_TO_OUTGOING]: [
@@ -21,6 +22,7 @@ export const INBOX_FEATURE_MAP = {
     INBOX_TYPES.TWITTER,
     INBOX_TYPES.WHATSAPP,
     INBOX_TYPES.TELEGRAM,
+    INBOX_TYPES.TIKTOK,
     INBOX_TYPES.API,
   ],
 };
@@ -115,6 +117,8 @@ export default {
         badgeKey = this.twilioBadge;
       } else if (this.isAWhatsAppChannel) {
         badgeKey = 'whatsapp';
+      } else if (this.isATiktokChannel) {
+        badgeKey = 'tiktok';
       }
       return badgeKey || this.channelType;
     },
@@ -127,6 +131,9 @@ export default {
     isAnInstagramChannel() {
       return this.channelType === INBOX_TYPES.INSTAGRAM;
     },
+    isATiktokChannel() {
+      return this.channelType === INBOX_TYPES.TIKTOK;
+    },
   },
   methods: {
     inboxHasFeature(feature) {
diff --git a/app/jobs/send_reply_job.rb b/app/jobs/send_reply_job.rb
index 0aba9f7f1..e892c189a 100644
--- a/app/jobs/send_reply_job.rb
+++ b/app/jobs/send_reply_job.rb
@@ -9,6 +9,7 @@ class SendReplyJob < ApplicationJob
     'Channel::Whatsapp' => ::Whatsapp::SendOnWhatsappService,
     'Channel::Sms' => ::Sms::SendOnSmsService,
     'Channel::Instagram' => ::Instagram::SendOnInstagramService,
+    'Channel::Tiktok' => ::Tiktok::SendOnTiktokService,
     'Channel::Email' => ::Email::SendOnEmailService,
     'Channel::WebWidget' => ::Messages::SendEmailNotificationService,
     'Channel::Api' => ::Messages::SendEmailNotificationService
diff --git a/app/jobs/webhooks/tiktok_events_job.rb b/app/jobs/webhooks/tiktok_events_job.rb
new file mode 100644
index 000000000..3461b93cf
--- /dev/null
+++ b/app/jobs/webhooks/tiktok_events_job.rb
@@ -0,0 +1,69 @@
+# https://business-api.tiktok.com/portal/docs?id=1832190670631937
+class Webhooks::TiktokEventsJob < MutexApplicationJob
+  queue_as :default
+  retry_on LockAcquisitionError, wait: 2.seconds, attempts: 8
+
+  SUPPORTED_EVENTS = [:im_send_msg, :im_receive_msg, :im_mark_read_msg].freeze
+
+  def perform(event)
+    @event = event.with_indifferent_access
+
+    return if channel_is_inactive?
+
+    key = format(::Redis::Alfred::TIKTOK_MESSAGE_MUTEX, business_id: business_id, conversation_id: conversation_id)
+    with_lock(key, 10.seconds) do
+      process_event
+    end
+  end
+
+  private
+
+  def channel_is_inactive?
+    return true if channel.blank?
+    return true unless channel.account.active?
+
+    false
+  end
+
+  def process_event
+    return if event_name.blank? || channel.blank?
+
+    send(event_name)
+  end
+
+  def event_name
+    @event_name ||= SUPPORTED_EVENTS.include?(@event[:event].to_sym) ? @event[:event] : nil
+  end
+
+  def business_id
+    @business_id ||= @event[:user_openid]
+  end
+
+  def content
+    @content ||= JSON.parse(@event[:content]).deep_symbolize_keys
+  end
+
+  def conversation_id
+    @conversation_id ||= content[:conversation_id]
+  end
+
+  def channel
+    @channel ||= Channel::Tiktok.find_by(business_id: business_id)
+  end
+
+  # Receive real-time notifications if you send a message to a user.
+  def im_send_msg
+    # This can be either an echo message or a message sent directly via tiktok application
+    ::Tiktok::MessageService.new(channel: channel, content: content).perform
+  end
+
+  # Receive real-time notifications if a user outside the European Economic Area (EEA), Switzerland, or the UK sends a message to you.
+  def im_receive_msg
+    ::Tiktok::MessageService.new(channel: channel, content: content).perform
+  end
+
+  # Receive real-time notifications when a Personal Account user marks all messages in a session as read.
+  def im_mark_read_msg
+    ::Tiktok::ReadStatusService.new(channel: channel, content: content).perform
+  end
+end
diff --git a/app/mailers/administrator_notifications/channel_notifications_mailer.rb b/app/mailers/administrator_notifications/channel_notifications_mailer.rb
index 05508a4ce..1957f421b 100644
--- a/app/mailers/administrator_notifications/channel_notifications_mailer.rb
+++ b/app/mailers/administrator_notifications/channel_notifications_mailer.rb
@@ -9,6 +9,11 @@ class AdministratorNotifications::ChannelNotificationsMailer < AdministratorNoti
     send_notification(subject, action_url: inbox_url(inbox))
   end
 
+  def tiktok_disconnect(inbox)
+    subject = 'Your TikTok connection has expired'
+    send_notification(subject, action_url: inbox_url(inbox))
+  end
+
   def whatsapp_disconnect(inbox)
     subject = 'Your Whatsapp connection has expired'
     send_notification(subject, action_url: inbox_url(inbox))
diff --git a/app/models/account.rb b/app/models/account.rb
index bcfebf39a..f52896496 100644
--- a/app/models/account.rb
+++ b/app/models/account.rb
@@ -82,6 +82,7 @@ class Account < ApplicationRecord
   has_many :email_channels, dependent: :destroy_async, class_name: '::Channel::Email'
   has_many :facebook_pages, dependent: :destroy_async, class_name: '::Channel::FacebookPage'
   has_many :instagram_channels, dependent: :destroy_async, class_name: '::Channel::Instagram'
+  has_many :tiktok_channels, dependent: :destroy_async, class_name: '::Channel::Tiktok'
   has_many :hooks, dependent: :destroy_async, class_name: 'Integrations::Hook'
   has_many :inboxes, dependent: :destroy_async
   has_many :labels, dependent: :destroy_async
diff --git a/app/models/attachment.rb b/app/models/attachment.rb
index 0c45f2292..5ee784243 100644
--- a/app/models/attachment.rb
+++ b/app/models/attachment.rb
@@ -40,7 +40,7 @@ class Attachment < ApplicationRecord
   validate :acceptable_file
   validates :external_url, length: { maximum: Limits::URL_LENGTH_LIMIT }
   enum file_type: { :image => 0, :audio => 1, :video => 2, :file => 3, :location => 4, :fallback => 5, :share => 6, :story_mention => 7,
-                    :contact => 8, :ig_reel => 9, :ig_post => 10, :ig_story => 11 }
+                    :contact => 8, :ig_reel => 9, :ig_post => 10, :ig_story => 11, :embed => 12 }
 
   def push_event_data
     return unless file_type
@@ -86,11 +86,19 @@ class Attachment < ApplicationRecord
       contact_metadata
     when :audio
       audio_metadata
+    when :embed
+      embed_data
     else
       file_metadata
     end
   end
 
+  def embed_data
+    {
+      data_url: external_url
+    }
+  end
+
   def audio_metadata
     audio_file_data = base_data.merge(file_metadata)
     audio_file_data.merge(
diff --git a/app/models/channel/tiktok.rb b/app/models/channel/tiktok.rb
new file mode 100644
index 000000000..8a6876a67
--- /dev/null
+++ b/app/models/channel/tiktok.rb
@@ -0,0 +1,45 @@
+# == Schema Information
+#
+# Table name: channel_tiktok
+#
+#  id                       :bigint           not null, primary key
+#  access_token             :string           not null
+#  expires_at               :datetime         not null
+#  refresh_token            :string           not null
+#  refresh_token_expires_at :datetime         not null
+#  created_at               :datetime         not null
+#  updated_at               :datetime         not null
+#  account_id               :integer          not null
+#  business_id              :string           not null
+#
+# Indexes
+#
+#  index_channel_tiktok_on_business_id  (business_id) UNIQUE
+#
+class Channel::Tiktok < ApplicationRecord
+  include Channelable
+  include Reauthorizable
+  self.table_name = 'channel_tiktok'
+
+  # TODO: Remove guard once encryption keys become mandatory (target 3-4 releases out).
+  if Chatwoot.encryption_configured?
+    encrypts :access_token
+    encrypts :refresh_token
+  end
+
+  AUTHORIZATION_ERROR_THRESHOLD = 1
+
+  validates :business_id, uniqueness: true, presence: true
+  validates :access_token, presence: true
+  validates :refresh_token, presence: true
+  validates :expires_at, presence: true
+  validates :refresh_token_expires_at, presence: true
+
+  def name
+    'Tiktok'
+  end
+
+  def validated_access_token
+    Tiktok::TokenService.new(channel: self).access_token
+  end
+end
diff --git a/app/models/concerns/reauthorizable.rb b/app/models/concerns/reauthorizable.rb
index 94bbed0d9..7a09f6436 100644
--- a/app/models/concerns/reauthorizable.rb
+++ b/app/models/concerns/reauthorizable.rb
@@ -76,6 +76,7 @@ module Reauthorizable
       'Integrations::Hook' => ->(obj) { obj.process_integration_hook_reauthorization_emails },
       'Channel::FacebookPage' => ->(obj) { obj.send_channel_reauthorization_email(:facebook_disconnect) },
       'Channel::Instagram' => ->(obj) { obj.send_channel_reauthorization_email(:instagram_disconnect) },
+      'Channel::Tiktok' => ->(obj) { obj.send_channel_reauthorization_email(:tiktok_disconnect) },
       'Channel::Whatsapp' => ->(obj) { obj.send_channel_reauthorization_email(:whatsapp_disconnect) },
       'Channel::Email' => ->(obj) { obj.send_channel_reauthorization_email(:email_disconnect) },
       'AutomationRule' => ->(obj) { obj.handle_automation_rule_reauthorization }
diff --git a/app/models/inbox.rb b/app/models/inbox.rb
index 894c57bcc..94b90fa2a 100644
--- a/app/models/inbox.rb
+++ b/app/models/inbox.rb
@@ -126,6 +126,10 @@ class Inbox < ApplicationRecord
     channel_type == 'Channel::Instagram'
   end
 
+  def tiktok?
+    channel_type == 'Channel::Tiktok'
+  end
+
   def web_widget?
     channel_type == 'Channel::WebWidget'
   end
diff --git a/app/services/conversations/message_window_service.rb b/app/services/conversations/message_window_service.rb
index 2394c1791..97fd9413b 100644
--- a/app/services/conversations/message_window_service.rb
+++ b/app/services/conversations/message_window_service.rb
@@ -22,6 +22,8 @@ class Conversations::MessageWindowService
       messenger_messaging_window
     when 'Channel::Instagram'
       instagram_messaging_window
+    when 'Channel::Tiktok'
+      tiktok_messaging_window
     when 'Channel::Whatsapp'
       MESSAGING_WINDOW_24_HOURS
     when 'Channel::TwilioSms'
@@ -54,6 +56,10 @@ class Conversations::MessageWindowService
     meta_messaging_window('ENABLE_INSTAGRAM_CHANNEL_HUMAN_AGENT')
   end
 
+  def tiktok_messaging_window
+    48.hours
+  end
+
   def meta_messaging_window(config_key)
     GlobalConfigService.load(config_key, nil) ? MESSAGING_WINDOW_7_DAYS : MESSAGING_WINDOW_24_HOURS
   end
diff --git a/app/services/tiktok/auth_client.rb b/app/services/tiktok/auth_client.rb
new file mode 100644
index 000000000..d152d0338
--- /dev/null
+++ b/app/services/tiktok/auth_client.rb
@@ -0,0 +1,145 @@
+class Tiktok::AuthClient
+  REQUIRED_SCOPES = %w[user.info.basic user.info.username user.info.stats user.info.profile user.account.type user.insights message.list.read
+                       message.list.send message.list.manage].freeze
+
+  class << self
+    def authorize_url(state: nil)
+      tiktok_client = ::OAuth2::Client.new(
+        client_id,
+        client_secret,
+        {
+          site: 'https://www.tiktok.com',
+          authorize_url: '/v2/auth/authorize',
+          auth_scheme: :basic_auth
+        }
+      )
+
+      tiktok_client.authorize_url(
+        {
+          response_type: 'code',
+          client_key: client_id,
+          redirect_uri: redirect_uri,
+          scope: REQUIRED_SCOPES.join(','),
+          state: state
+        }
+      )
+    end
+
+    # https://business-api.tiktok.com/portal/docs?id=1832184159540418
+    def obtain_short_term_access_token(auth_code) # rubocop:disable Metrics/MethodLength
+      endpoint = 'https://business-api.tiktok.com/open_api/v1.3/tt_user/oauth2/token/'
+      headers = { 'Accept' => 'application/json', 'Content-Type' => 'application/json' }
+      body = {
+        client_id: client_id,
+        client_secret: client_secret,
+        grant_type: 'authorization_code',
+        auth_code: auth_code,
+        redirect_uri: redirect_uri
+      }
+
+      response = HTTParty.post(
+        endpoint,
+        body: body.to_json,
+        headers: headers
+      )
+
+      json = process_json_response(response, 'Failed to obtain TikTok short-term access token')
+
+      {
+        business_id: json['data']['open_id'],
+        scope: json['data']['scope'],
+        access_token: json['data']['access_token'],
+        refresh_token: json['data']['refresh_token'],
+        expires_at: Time.current + json['data']['expires_in'].seconds,
+        refresh_token_expires_at: Time.current + json['data']['refresh_token_expires_in'].seconds
+      }.with_indifferent_access
+    end
+
+    def renew_short_term_access_token(refresh_token) # rubocop:disable Metrics/MethodLength
+      endpoint = 'https://business-api.tiktok.com/open_api/v1.3/tt_user/oauth2/refresh_token/'
+      headers = { 'Accept' => 'application/json', 'Content-Type' => 'application/json' }
+      body = {
+        client_id: client_id,
+        client_secret: client_secret,
+        grant_type: 'refresh_token',
+        refresh_token: refresh_token
+      }
+
+      response = HTTParty.post(
+        endpoint,
+        body: body.to_json,
+        headers: headers
+      )
+
+      json = process_json_response(response, 'Failed to renew TikTok short-term access token')
+
+      {
+        access_token: json['data']['access_token'],
+        refresh_token: json['data']['refresh_token'],
+        expires_at: Time.current + json['data']['expires_in'].seconds,
+        refresh_token_expires_at: Time.current + json['data']['refresh_token_expires_in'].seconds
+      }.with_indifferent_access
+    end
+
+    def webhook_callback
+      endpoint = 'https://business-api.tiktok.com/open_api/v1.3/business/webhook/list/'
+      headers = { Accept: 'application/json' }
+      params = {
+        app_id: client_id,
+        secret: client_secret,
+        event_type: 'DIRECT_MESSAGE'
+      }
+      response = HTTParty.get(endpoint, query: params, headers: headers)
+
+      process_json_response(response, 'Failed to fetch TikTok webhook callback')
+    end
+
+    def update_webhook_callback
+      endpoint = 'https://business-api.tiktok.com/open_api/v1.3/business/webhook/update/'
+      headers = { Accept: 'application/json', 'Content-Type': 'application/json' }
+      body = {
+        app_id: client_id,
+        secret: client_secret,
+        event_type: 'DIRECT_MESSAGE',
+        callback_url: webhook_url
+      }
+      response = HTTParty.post(endpoint, body: body.to_json, headers: headers)
+
+      process_json_response(response, 'Failed to update TikTok webhook callback')
+    end
+
+    private
+
+    def client_id
+      GlobalConfigService.load('TIKTOK_APP_ID', nil)
+    end
+
+    def client_secret
+      GlobalConfigService.load('TIKTOK_APP_SECRET', nil)
+    end
+
+    def process_json_response(response, error_prefix)
+      unless response.success?
+        Rails.logger.error "#{error_prefix}. Status: #{response.code}, Body: #{response.body}"
+        raise "#{response.code}: #{response.body}"
+      end
+
+      res = JSON.parse(response.body)
+      raise "#{res['code']}: #{res['message']}" if res['code'] != 0
+
+      res
+    end
+
+    def redirect_uri
+      "#{base_url}/tiktok/callback"
+    end
+
+    def webhook_url
+      "#{base_url}/webhooks/tiktok"
+    end
+
+    def base_url
+      ENV.fetch('FRONTEND_URL', 'http://localhost:3000')
+    end
+  end
+end
diff --git a/app/services/tiktok/client.rb b/app/services/tiktok/client.rb
new file mode 100644
index 000000000..90fd6cef0
--- /dev/null
+++ b/app/services/tiktok/client.rb
@@ -0,0 +1,100 @@
+class Tiktok::Client
+  # Always use Tiktok::TokenService to get a valid access token
+  pattr_initialize [:business_id!, :access_token!]
+
+  def business_account_details
+    endpoint = 'https://business-api.tiktok.com/open_api/v1.3/business/get/'
+    headers = { 'Access-Token': access_token }
+    params = { business_id: business_id, fields: %w[username display_name profile_image].to_s }
+    response = HTTParty.get(endpoint, query: params, headers: headers)
+
+    json = process_json_response(response, 'Failed to fetch TikTok user details')
+    {
+      username: json['data']['username'],
+      display_name: json['data']['display_name'],
+      profile_image: json['data']['profile_image']
+    }.with_indifferent_access
+  end
+
+  def file_download_url(conversation_id, message_id, media_id, media_type = 'IMAGE')
+    endpoint = 'https://business-api.tiktok.com/open_api/v1.3/business/message/media/download/'
+    headers = { 'Access-Token': access_token, 'Content-Type': 'application/json', Accept: 'application/json' }
+    body = { business_id: business_id,
+             conversation_id: conversation_id,
+             message_id: message_id,
+             media_id: media_id,
+             media_type: media_type }
+
+    response = HTTParty.post(endpoint, body: body.to_json, headers: headers)
+    json = process_json_response(response, 'Failed to fetch TikTok media download URL')
+
+    json['data']['download_url']
+  end
+
+  def send_text_message(conversation_id, text, referenced_message_id: nil)
+    send_message(conversation_id, 'TEXT', text, referenced_message_id: referenced_message_id)
+  end
+
+  def send_media_message(conversation_id, attachment, referenced_message_id: nil)
+    # As of now, only IMAGE media type is supported
+    media_id = upload_media(attachment.file, 'IMAGE')
+    send_message(conversation_id, 'IMAGE', media_id, referenced_message_id: referenced_message_id)
+  end
+
+  private
+
+  def send_message(conversation_id, type, payload, referenced_message_id: nil)
+    # https://business-api.tiktok.com/portal/docs?id=1832184403754242
+    endpoint ='https://business-api.tiktok.com/open_api/v1.3/business/message/send/'
+    headers = { 'Access-Token': access_token, 'Content-Type': 'application/json' }
+    body = {
+      business_id: business_id,
+      recipient_type: 'CONVERSATION',
+      recipient: conversation_id
+    }
+
+    body[:referenced_message_info] = { referenced_message_id: referenced_message_id } if referenced_message_id.present?
+
+    if type == 'IMAGE'
+      body[:message_type] = 'IMAGE'
+      body[:image] = { media_id: payload }
+    else
+      body[:message_type] = 'TEXT'
+      body[:text] = { body: payload }
+    end
+
+    response = HTTParty.post(endpoint, body: body.to_json, headers: headers)
+    json = process_json_response(response, 'Failed to send TikTok message')
+
+    json['data']['message']['message_id']
+  end
+
+  def upload_media(file, media_type = 'IMAGE')
+    endpoint = 'https://business-api.tiktok.com/open_api/v1.3/business/message/media/upload/'
+    headers = { 'Access-Token': access_token, 'Content-Type': 'multipart/form-data' }
+
+    file.open do |temp_file|
+      body = {
+        business_id: business_id,
+        media_type: media_type,
+        file: temp_file
+      }
+
+      response = HTTParty.post(endpoint, body: body, headers: headers)
+      json = process_json_response(response, 'Failed to upload TikTok media')
+      json['data']['media_id']
+    end
+  end
+
+  def process_json_response(response, error_prefix)
+    unless response.success?
+      Rails.logger.error "#{error_prefix}. Status: #{response.code}, Body: #{response.body}"
+      raise "#{response.code}: #{response.body}"
+    end
+
+    res = JSON.parse(response.body)
+    raise "#{res['code']}: #{res['message']}" if res['code'] != 0
+
+    res
+  end
+end
diff --git a/app/services/tiktok/message_service.rb b/app/services/tiktok/message_service.rb
new file mode 100644
index 000000000..c33f172d7
--- /dev/null
+++ b/app/services/tiktok/message_service.rb
@@ -0,0 +1,174 @@
+class Tiktok::MessageService
+  include Tiktok::MessagingHelpers
+
+  pattr_initialize [:channel!, :content!]
+
+  def perform
+    if outgoing_message?
+      # Skip processing echo messages
+      message = find_message(tt_conversation_id, tt_message_id)
+      return if message.present?
+    end
+
+    create_message
+  end
+
+  private
+
+  def contact_inbox
+    @contact_inbox ||= create_contact_inbox(channel, tt_conversation_id, incoming_message? ? from : to, incoming_message? ? from_id : to_id)
+  end
+
+  def contact
+    contact_inbox.contact
+  end
+
+  def conversation
+    @conversation ||= contact_inbox.conversations.first || create_conversation(channel, contact_inbox, tt_conversation_id)
+  end
+
+  def create_message
+    message = conversation.messages.build(
+      content: message_content,
+      account_id: channel.inbox.account_id,
+      inbox_id: channel.inbox.id,
+      message_type: incoming_message? ? :incoming : :outgoing,
+      content_attributes: message_content_attributes,
+      source_id: tt_message_id,
+      created_at: tt_message_time,
+      updated_at: tt_message_time
+    )
+
+    message.sender = contact_inbox.contact if incoming_message?
+    message.status = :delivered if outgoing_message?
+
+    create_message_attachments(message)
+    message.save!
+  end
+
+  def message_content
+    return unless text_message?
+
+    tt_text_body
+  end
+
+  def create_message_attachments(message)
+    create_image_message_attachment(message) if image_message?
+    create_share_post_message_attachment(message) if share_post_message?
+  end
+
+  def create_image_message_attachment(message)
+    return unless image_message?
+
+    attachment_file = fetch_attachment(channel, tt_conversation_id, tt_message_id, tt_image_media_id)
+
+    message.attachments.new(
+      account_id: message.account_id,
+      file_type: :image,
+      file: {
+        io: attachment_file,
+        filename: attachment_file.original_filename,
+        content_type: attachment_file.content_type
+      }
+    )
+  end
+
+  def create_share_post_message_attachment(message)
+    return unless share_post_message?
+
+    message.attachments.new(
+      account_id: message.account_id,
+      file_type: :embed,
+      external_url: tt_share_post_embed_url
+    )
+  end
+
+  def supported_message?
+    text_message? || image_message? || share_post_message?
+  end
+
+  def message_content_attributes
+    attributes = {}
+    attributes[:in_reply_to_external_id] = tt_referenced_message_id if tt_referenced_message_id
+    attributes[:is_unsupported] = true unless supported_message?
+    attributes
+  end
+
+  def text_message?
+    tt_message_type == 'text'
+  end
+
+  def image_message?
+    tt_message_type == 'image'
+  end
+
+  def sticker_message?
+    tt_message_type == 'sticker'
+  end
+
+  def share_post_message?
+    tt_message_type == 'share_post'
+  end
+
+  def tt_text_body
+    return unless text_message?
+
+    content[:text][:body]
+  end
+
+  def tt_image_media_id
+    return unless image_message?
+
+    content[:image][:media_id]
+  end
+
+  def tt_share_post_embed_url
+    return unless share_post_message?
+
+    content[:share_post][:embed_url]
+  end
+
+  def tt_referenced_message_id
+    content[:referenced_message_info]&.[](:referenced_message_id)
+  end
+
+  def tt_message_type
+    content[:type]
+  end
+
+  def tt_message_id
+    content[:message_id]
+  end
+
+  def tt_message_time
+    Time.zone.at(content[:timestamp] / 1000).utc
+  end
+
+  def tt_conversation_id
+    content[:conversation_id]
+  end
+
+  def from
+    content[:from]
+  end
+
+  def from_id
+    content[:from_user][:id]
+  end
+
+  def to
+    content[:to]
+  end
+
+  def to_id
+    content[:to_user][:id]
+  end
+
+  def incoming_message?
+    channel.business_id == to_id
+  end
+
+  def outgoing_message?
+    !incoming_message?
+  end
+end
diff --git a/app/services/tiktok/messaging_helpers.rb b/app/services/tiktok/messaging_helpers.rb
new file mode 100644
index 000000000..b4295c736
--- /dev/null
+++ b/app/services/tiktok/messaging_helpers.rb
@@ -0,0 +1,68 @@
+module Tiktok::MessagingHelpers
+  private
+
+  def create_contact_inbox(channel, tt_conversation_id, from, from_id)
+    ::ContactInboxWithContactBuilder.new(
+      source_id: tt_conversation_id,
+      inbox: channel.inbox,
+      contact_attributes: contact_attributes(from, from_id)
+    ).perform
+  end
+
+  def contact_attributes(from, from_id)
+    {
+      name: from,
+      additional_attributes: contact_additional_attributes(from, from_id)
+    }
+  end
+
+  def contact_additional_attributes(from, from_id)
+    {
+      # TODO: Remove this once we show the social_tiktok_user_name in the UI instead of the username
+      username: from,
+      social_tiktok_user_id: from_id,
+      social_tiktok_user_name: from
+    }
+  end
+
+  def find_conversation(channel, tt_conversation_id)
+    channel.inbox.contact_inboxes.find_by(source_id: tt_conversation_id).conversations.first
+  end
+
+  def create_conversation(channel, contact_inbox, tt_conversation_id)
+    ::Conversation.create!(conversation_params(channel, contact_inbox, tt_conversation_id))
+  end
+
+  def conversation_params(channel, contact_inbox, tt_conversation_id)
+    {
+      account_id: channel.inbox.account_id,
+      inbox_id: channel.inbox.id,
+      contact_id: contact_inbox.contact.id,
+      contact_inbox_id: contact_inbox.id,
+      additional_attributes: conversation_additional_attributes(tt_conversation_id)
+    }
+  end
+
+  def conversation_additional_attributes(tt_conversation_id)
+    {
+      conversation_id: tt_conversation_id
+    }
+  end
+
+  def find_message(tt_conversation_id, tt_message_id)
+    message = Message.find_by(source_id: tt_message_id)
+    message_conversation_id = message&.conversation&.[](:additional_attributes)&.[]('conversation_id')
+    return if message_conversation_id != tt_conversation_id
+
+    message
+  end
+
+  def fetch_attachment(channel, tt_conversation_id, tt_message_id, tt_image_media_id)
+    file_download_url = tiktok_client(channel).file_download_url(tt_conversation_id, tt_message_id, tt_image_media_id)
+    Down.download(file_download_url)
+  end
+
+  def tiktok_client(channel)
+    Tiktok::Client.new(business_id: channel.business_id,  access_token: channel.validated_access_token)
+  end
+end
diff --git a/app/services/tiktok/read_status_service.rb b/app/services/tiktok/read_status_service.rb
new file mode 100644
index 000000000..e09c6e8cf
--- /dev/null
+++ b/app/services/tiktok/read_status_service.rb
@@ -0,0 +1,36 @@
+class Tiktok::ReadStatusService
+  include Tiktok::MessagingHelpers
+
+  pattr_initialize [:channel!, :content!]
+
+  def perform
+    return if channel.blank? || content.blank? || outbound_event?
+
+    ::Conversations::UpdateMessageStatusJob.perform_later(conversation.id, last_read_timestamp) if conversation.present?
+  end
+
+  def conversation
+    @conversation ||= find_conversation(channel, tt_conversation_id)
+  end
+
+  def tt_conversation_id
+    content[:conversation_id]
+  end
+
+  def last_read_timestamp
+    tt = content[:read][:last_read_timestamp]
+    Time.zone.at(tt.to_i / 1000).utc
+  end
+
+  def business_id
+    channel.business_id
+  end
+
+  def from_user_id
+    content[:from_user][:id]
+  end
+
+  def outbound_event?
+    business_id.to_s == from_user_id.to_s
+  end
+end
diff --git a/app/services/tiktok/send_on_tiktok_service.rb b/app/services/tiktok/send_on_tiktok_service.rb
new file mode 100644
index 000000000..d7db5f326
--- /dev/null
+++ b/app/services/tiktok/send_on_tiktok_service.rb
@@ -0,0 +1,47 @@
+class Tiktok::SendOnTiktokService < Base::SendOnChannelService
+  private
+
+  def channel_class
+    Channel::Tiktok
+  end
+
+  def perform_reply
+    validate_message_support!
+    message_id = send_message
+
+    message.update!(source_id: message_id)
+    Messages::StatusUpdateService.new(message, 'delivered').perform
+  rescue StandardError => e
+    Rails.logger.error "Failed to send Tiktok message: #{e.message}"
+    Messages::StatusUpdateService.new(message, 'failed', e.message).perform
+  end
+
+  def validate_message_support!
+    return unless message.attachments.any?
+    raise 'Sending attachments with text is not supported on TikTok.' if message.outgoing_content.present?
+    raise 'Sending multiple attachments in a single TikTok message is not supported.' unless message.attachments.one?
+  end
+
+  def send_message
+    tt_conversation_id = message.conversation[:additional_attributes]['conversation_id']
+    tt_referenced_message_id = message.content_attributes['in_reply_to_external_id']
+
+    if message.attachments.any?
+      tiktok_client.send_media_message(tt_conversation_id, message.attachments.first, referenced_message_id: tt_referenced_message_id)
+    else
+      tiktok_client.send_text_message(tt_conversation_id, message.outgoing_content, referenced_message_id: tt_referenced_message_id)
+    end
+  end
+
+  def tiktok_client
+    @tiktok_client ||= Tiktok::Client.new(business_id: channel.business_id, access_token: channel.validated_access_token)
+  end
+
+  def inbox
+    @inbox ||= message.inbox
+  end
+
+  def channel
+    @channel ||= inbox.channel
+  end
+end
diff --git a/app/services/tiktok/token_service.rb b/app/services/tiktok/token_service.rb
new file mode 100644
index 000000000..7a017dd68
--- /dev/null
+++ b/app/services/tiktok/token_service.rb
@@ -0,0 +1,77 @@
+# Service to handle TikTok channel access token refresh logic
+# TikTok access tokens are valid for 1 day and can be refreshed to extend validity
+class Tiktok::TokenService
+  pattr_initialize [:channel!]
+
+  # Returns a valid access token, refreshing it if necessary and eligible
+  def access_token
+    return current_access_token if token_valid?
+
+    return refresh_access_token if refresh_token_valid?
+
+    channel.prompt_reauthorization! unless channel.reauthorization_required?
+    return current_access_token
+  end
+
+  private
+
+  def current_access_token
+    channel.access_token
+  end
+
+  def expires_at
+    channel.expires_at
+  end
+
+  def refresh_token
+    channel.refresh_token
+  end
+
+  def refresh_token_expires_at
+    channel.refresh_token_expires_at
+  end
+
+  # Checks if the current token is still valid (not expired)
+  def token_valid?
+    5.minutes.from_now < expires_at
+  end
+
+  def refresh_token_valid?
+    Time.current < refresh_token_expires_at
+  end
+
+  # Makes an API request to refresh the access token
+  # @return [String] Refreshed access token
+  def refresh_access_token
+    lock_manager = Redis::LockManager.new
+    begin
+      # Could not acquire lock, another process is likely refreshing the token
+      # return the current token as it should still be valid for the next 30 minutes
+      return current_access_token unless lock_manager.lock(lock_key, 30.seconds)
+
+      result = attempt_refresh_token
+      new_token = result[:access_token]
+
+      channel.update!(
+        access_token: new_token,
+        refresh_token: result[:refresh_token],
+        expires_at: result[:expires_at],
+        refresh_token_expires_at: result[:refresh_token_expires_at]
+      )
+
+      lock_manager.unlock(lock_key)
+      new_token
+    rescue StandardError => e
+      lock_manager.unlock(lock_key)
+      raise e
+    end
+  end
+
+  def lock_key
+    format(::Redis::Alfred::TIKTOK_REFRESH_TOKEN_MUTEX, channel_id: channel.id)
+  end
+
+  def attempt_refresh_token
+    Tiktok::AuthClient.renew_short_term_access_token(refresh_token)
+  end
+end
diff --git a/app/views/api/v1/models/_inbox.json.jbuilder b/app/views/api/v1/models/_inbox.json.jbuilder
index cf7346dde..f0b5b1ea8 100644
--- a/app/views/api/v1/models/_inbox.json.jbuilder
+++ b/app/views/api/v1/models/_inbox.json.jbuilder
@@ -60,6 +60,9 @@ end
 json.reauthorization_required resource.channel.try(:reauthorization_required?) if resource.instagram?
 json.instagram_id resource.channel.try(:instagram_id) if resource.instagram?
 
+## Tiktok Attributes
+json.reauthorization_required resource.channel.try(:reauthorization_required?) if resource.tiktok?
+
 ## Twilio Attributes
 json.messaging_service_sid resource.channel.try(:messaging_service_sid)
 json.phone_number resource.channel.try(:phone_number)
diff --git a/app/views/layouts/vueapp.html.erb b/app/views/layouts/vueapp.html.erb
index 3c21850ca..6cb238c6e 100644
--- a/app/views/layouts/vueapp.html.erb
+++ b/app/views/layouts/vueapp.html.erb
@@ -36,6 +36,7 @@
         helpCenterURL: '<%= ENV.fetch('HELPCENTER_URL', '') %>',
         fbAppId: '<%= @global_config['FB_APP_ID'] %>',
         instagramAppId: '<%= @global_config['INSTAGRAM_APP_ID'] %>',
+        tiktokAppId: '<%= @global_config['TIKTOK_APP_ID'] %>',
         googleOAuthClientId: '<%= ENV.fetch('GOOGLE_OAUTH_CLIENT_ID', nil) %>',
         googleOAuthCallbackUrl: '<%= ENV.fetch('GOOGLE_OAUTH_CALLBACK_URL', nil) %>',
         allowedLoginMethods: <%= @global_config['ALLOWED_LOGIN_METHODS'].to_json.html_safe %>,
diff --git a/app/views/super_admin/application/_icons.html.erb b/app/views/super_admin/application/_icons.html.erb
index a45c4c1b3..0b25f3e83 100644
--- a/app/views/super_admin/application/_icons.html.erb
+++ b/app/views/super_admin/application/_icons.html.erb
@@ -161,6 +161,10 @@
   <symbol id="icon-instagram" viewBox="0 0 24 24">
     <path d="M 8 3 C 5.243 3 3 5.243 3 8 L 3 16 C 3 18.757 5.243 21 8 21 L 16 21 C 18.757 21 21 18.757 21 16 L 21 8 C 21 5.243 18.757 3 16 3 L 8 3 z M 8 5 L 16 5 C 17.654 5 19 6.346 19 8 L 19 16 C 19 17.654 17.654 19 16 19 L 8 19 C 6.346 19 5 17.654 5 16 L 5 8 C 5 6.346 6.346 5 8 5 z M 17 6 A 1 1 0 0 0 16 7 A 1 1 0 0 0 17 8 A 1 1 0 0 0 18 7 A 1 1 0 0 0 17 6 z M 12 7 C 9.243 7 7 9.243 7 12 C 7 14.757 9.243 17 12 17 C 14.757 17 17 14.757 17 12 C 17 9.243 14.757 7 12 7 z M 12 9 C 13.654 9 15 10.346 15 12 C 15 13.654 13.654 15 12 15 C 10.346 15 9 13.654 9 12 C 9 10.346 10.346 9 12 9 z"/>
   </symbol>
+
+  <symbol id="icon-tiktok" viewBox="0 0 21 24">
+    <path fill="currentColor" d="M17.804,4.814C16.176,3.752 15.19,1.944 15.19,0L11.062,0L11.054,16.541C10.982,18.453 9.371,19.948 7.459,19.872C5.547,19.8 4.052,18.188 4.128,16.277C4.2,14.413 5.731,12.942 7.595,12.942C7.944,12.942 8.289,12.998 8.617,13.102L8.617,8.886C8.277,8.838 7.936,8.814 7.595,8.81C3.407,8.81 0,12.216 0,16.405C0.008,20.597 3.403,23.996 7.599,24C11.788,24 15.194,20.593 15.194,16.405L15.194,8.02C16.866,9.222 18.874,9.872 20.934,9.868L20.934,5.739C19.82,5.743 18.733,5.419 17.804,4.814Z"/>
+  </symbol>
   
   <symbol id="icon-notion" viewBox="0 0 24 24">
     <path fill="currentColor" d="M6.104 5.91c.584.474.802.438 1.898.365l10.332-.62c.22 0 .037-.22-.036-.256l-1.716-1.24c-.329-.255-.767-.548-1.606-.475l-10.005.73c-.364.036-.437.219-.292.365zm.62 2.408v10.87c0 .585.292.803.95.767l11.354-.657c.657-.036.73-.438.73-.913V7.588c0-.474-.182-.73-.584-.693l-11.866.693c-.438.036-.584.255-.584.73m11.21.583c.072.328 0 .657-.33.694l-.547.109v8.025c-.475.256-.913.401-1.278.401c-.584 0-.73-.182-1.168-.729l-3.579-5.618v5.436l1.133.255s0 .656-.914.656l-2.519.146c-.073-.146 0-.51.256-.583l.657-.182v-7.187l-.913-.073c-.073-.329.11-.803.621-.84l2.702-.182l3.724 5.692V9.886l-.95-.109c-.072-.402.22-.693.585-.73zM4.131 3.429l10.406-.766c1.277-.11 1.606-.036 2.41.547l3.321 2.335c.548.401.731.51.731.948v12.805c0 .803-.292 1.277-1.314 1.35l-12.085.73c-.767.036-1.132-.073-1.534-.584L3.62 17.62c-.438-.584-.62-1.021-.62-1.533V4.705c0-.656.292-1.203 1.132-1.276"/>
diff --git a/config/features.yml b/config/features.yml
index ae6dec8e0..74d280a3a 100644
--- a/config/features.yml
+++ b/config/features.yml
@@ -227,3 +227,6 @@
   enabled: false
   premium: true
   chatwoot_internal: true
+- name: channel_tiktok
+  display_name: TikTok Channel
+  enabled: true
diff --git a/config/installation_config.yml b/config/installation_config.yml
index 40c758f72..8581deb97 100644
--- a/config/installation_config.yml
+++ b/config/installation_config.yml
@@ -406,6 +406,16 @@
   locked: true
 # ------- End of Instagram Channel Related Config ------- #
 
+# ------- TikTok Channel Related Config ------- #
+- name: TIKTOK_APP_ID
+  display_title: 'TikTok App ID'
+  locked: false
+- name: TIKTOK_APP_SECRET
+  display_title: 'TikTok App Secret'
+  locked: false
+  type: secret
+# ------- End of TikTok Channel Related Config ------- #
+
 # ------- OG Image Related Config ------- #
 - name: OG_IMAGE_CDN_URL
   display_title: 'OG Image CDN URL'
diff --git a/config/routes.rb b/config/routes.rb
index 15ab79822..4582a4495 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -19,10 +19,13 @@ Rails.application.routes.draw do
     get '/app/accounts/:account_id/settings/inboxes/new/twitter', to: 'dashboard#index', as: 'app_new_twitter_inbox'
     get '/app/accounts/:account_id/settings/inboxes/new/microsoft', to: 'dashboard#index', as: 'app_new_microsoft_inbox'
     get '/app/accounts/:account_id/settings/inboxes/new/instagram', to: 'dashboard#index', as: 'app_new_instagram_inbox'
+    get '/app/accounts/:account_id/settings/inboxes/new/tiktok', to: 'dashboard#index', as: 'app_new_tiktok_inbox'
     get '/app/accounts/:account_id/settings/inboxes/new/:inbox_id/agents', to: 'dashboard#index', as: 'app_twitter_inbox_agents'
     get '/app/accounts/:account_id/settings/inboxes/new/:inbox_id/agents', to: 'dashboard#index', as: 'app_email_inbox_agents'
     get '/app/accounts/:account_id/settings/inboxes/new/:inbox_id/agents', to: 'dashboard#index', as: 'app_instagram_inbox_agents'
+    get '/app/accounts/:account_id/settings/inboxes/new/:inbox_id/agents', to: 'dashboard#index', as: 'app_tiktok_inbox_agents'
     get '/app/accounts/:account_id/settings/inboxes/:inbox_id', to: 'dashboard#index', as: 'app_instagram_inbox_settings'
+    get '/app/accounts/:account_id/settings/inboxes/:inbox_id', to: 'dashboard#index', as: 'app_tiktok_inbox_settings'
     get '/app/accounts/:account_id/settings/inboxes/:inbox_id', to: 'dashboard#index', as: 'app_email_inbox_settings'
 
     resource :widget, only: [:show]
@@ -267,6 +270,10 @@ Rails.application.routes.draw do
             resource :authorization, only: [:create]
           end
 
+          namespace :tiktok do
+            resource :authorization, only: [:create]
+          end
+
           namespace :notion do
             resource :authorization, only: [:create]
           end
@@ -539,6 +546,7 @@ Rails.application.routes.draw do
   post 'webhooks/whatsapp/:phone_number', to: 'webhooks/whatsapp#process_payload'
   get 'webhooks/instagram', to: 'webhooks/instagram#verify'
   post 'webhooks/instagram', to: 'webhooks/instagram#events'
+  post 'webhooks/tiktok', to: 'webhooks/tiktok#events'
 
   namespace :twitter do
     resource :callback, only: [:show]
@@ -566,6 +574,7 @@ Rails.application.routes.draw do
   get 'microsoft/callback', to: 'microsoft/callbacks#show'
   get 'google/callback', to: 'google/callbacks#show'
   get 'instagram/callback', to: 'instagram/callbacks#show'
+  get 'tiktok/callback', to: 'tiktok/callbacks#show'
   get 'notion/callback', to: 'notion/callbacks#show'
   # ----------------------------------------------------------------------
   # Routes for external service verifications
diff --git a/db/migrate/20251027091242_add_tiktok_channel.rb b/db/migrate/20251027091242_add_tiktok_channel.rb
new file mode 100644
index 000000000..11fff9d7b
--- /dev/null
+++ b/db/migrate/20251027091242_add_tiktok_channel.rb
@@ -0,0 +1,15 @@
+class AddTiktokChannel < ActiveRecord::Migration[7.1]
+  def change
+    create_table :channel_tiktok do |t|
+      t.integer :account_id, null: false
+      t.string :business_id, null: false
+      t.string :access_token, null: false
+      t.datetime :expires_at, null: false
+      t.string :refresh_token, null: false
+      t.datetime :refresh_token_expires_at, null: false
+      t.timestamps
+    end
+
+    add_index :channel_tiktok, :business_id, unique: true
+  end
+end
diff --git a/db/schema.rb b/db/schema.rb
index 33744889c..82dcd37f6 100644
--- a/db/schema.rb
+++ b/db/schema.rb
@@ -497,6 +497,18 @@ ActiveRecord::Schema[7.1].define(version: 2025_11_19_161025) do
     t.index ["bot_token"], name: "index_channel_telegram_on_bot_token", unique: true
   end
 
+  create_table "channel_tiktok", force: :cascade do |t|
+    t.integer "account_id", null: false
+    t.string "business_id", null: false
+    t.string "access_token", null: false
+    t.datetime "expires_at", null: false
+    t.string "refresh_token", null: false
+    t.datetime "refresh_token_expires_at", null: false
+    t.datetime "created_at", null: false
+    t.datetime "updated_at", null: false
+    t.index ["business_id"], name: "index_channel_tiktok_on_business_id", unique: true
+  end
+
   create_table "channel_twilio_sms", force: :cascade do |t|
     t.string "phone_number"
     t.string "auth_token", null: false
diff --git a/lib/redis/redis_keys.rb b/lib/redis/redis_keys.rb
index f5d297e5f..973c2b188 100644
--- a/lib/redis/redis_keys.rb
+++ b/lib/redis/redis_keys.rb
@@ -39,6 +39,8 @@ module Redis::RedisKeys
   # We don't want to process messages from the same sender concurrently to prevent creating double conversations
   FACEBOOK_MESSAGE_MUTEX = 'FB_MESSAGE_CREATE_LOCK::%<sender_id>s::%<recipient_id>s'.freeze
   IG_MESSAGE_MUTEX = 'IG_MESSAGE_CREATE_LOCK::%<sender_id>s::%<ig_account_id>s'.freeze
+  TIKTOK_MESSAGE_MUTEX = 'TIKTOK_MESSAGE_CREATE_LOCK::%<business_id>s::%<conversation_id>s'.freeze
+  TIKTOK_REFRESH_TOKEN_MUTEX = 'TIKTOK_REFRESH_TOKEN_LOCK::%<channel_id>s'.freeze
   SLACK_MESSAGE_MUTEX = 'SLACK_MESSAGE_LOCK::%<conversation_id>s::%<reference_id>s'.freeze
   EMAIL_MESSAGE_MUTEX = 'EMAIL_CHANNEL_LOCK::%<inbox_id>s'.freeze
   CRM_PROCESS_MUTEX = 'CRM_PROCESS_MUTEX::%<hook_id>s'.freeze
diff --git a/public/assets/images/dashboard/channels/tiktok.png b/public/assets/images/dashboard/channels/tiktok.png
new file mode 100644
index 0000000000000000000000000000000000000000..2f4cdc98a1dfa7ca295f6eb2e0da8b6819fa583f
GIT binary patch
literal 24164
zcmb5WbzD{5wlKUlDJ_T~(i;?{Q#zDQsequHMnJj|HYu^uhgMQh8VTu;Zcs!(x;vDV
z?iRkedCooO-h1wSzxVxvpL?x2=a{4Bn4^}#k5v^(2yYTX5JaM^gwTK>EbtQxx`GG(
z*>fK}fgs#GtEbv1ZIwsjCJuHy#-<L>&3N4H9KkpQNy@l88k^Xdp_rbVSy<Ui!8dCg
z;Y?PhQgAI{6+RV5IWtQuB~K@_C!VTLO+0N(#7yBb(u9)k;sAi18OoT+-OkqDS=?O;
zehF6`{KmZIg)?1FLD@*bwN)N7$vHTgF$wbs^YFo?37I6FOwGkL5DNcT44$OmmMD~?
zI4`f8n;VatAdiES1uwstm>4gg0Iz@mH<-cg>|u{GcIUQtX2F2?8wSG6*~H1p5oP6I
z&xC<#{M^9>B?X6rai;&k%+B$j!0ny?K|SCDue-4$FFy|-?|+``Xz74*aJF>#UzYrH
z_}><qn*4JUM;9mCOZ-huc+G6h?9A*@&R{<Of7!^)-RfU7{};3{BmV{-Wo7=qOvjA;
z+jJls6_tM?^k2aL2i10V{{<gsl)Nio+&_fyKdx|o>fva{t6}Es;NoOrChrR9V!7lU
z*iBr{$;=pKh5&z3Z~;C6VQzjtZh^Z``9;Kq1;qIUIQazm`2IOr#lh6d+~a?oEG#Z0
z2qugF=h;A=OpQ^-|2OmhDIjso?7xu$s{DV%=wEB(9Bdt&0CIo^!AoTSHKZ&j_t?q7
z+{zY=Icq51XHu4zyUQ<j_b#^p5C7#{jNHT@Te+LrY9p+G(4B!!O2LKs1^(Np&i^)g
zx%(4v7{L~QgT%;IT-nap!c5D`6lM7@X#W~`WM*&iZzC8P*}7m31=8LMNcC?NE*EM4
zYfK6*BEb8fHq!aGA<Qvjk~B3DH^E5P!Rhk(?}PWm?8V<te?Qt<Nvjxpn%Ofwv^2K0
zvX$h;97gc+@*MvC^dBoEdH)+g$xCe&SF&;jTX_7R_PB(`#B`~v;>IQz0;S-NP7bCn
zCT6CWYzFxLJ?iXWj&d`0GP`F1)Km(7&)nP!u)>4svCDH?D`!hHCnf<V0iL@&f6Muw
z%iJu@0LcHQF8@g<dH-jM{*8jaN&ZjP39S439k6=9eDeO&eu9U8T3|DKpsP;6zS5i0
z_(2ftl@-vsf73PyVvlr*oZ)<}exp?;psnc6yZPr<`gT5#xb5F@ztz<hG^-kWcKY#P
zZrz)$y}+q9?b};J>NDI)j*$oCcd8d-tBmWD-JV3RiAgOTCvJ-M42bo>9<pa<?8o0z
zvT)MvUHaVRzhvjaE7U7bgpEQ_8qkyBoINcIm&omOpA)h{N*@*p^R%FFb65OZDUlrn
zYJ{g+&bjRqU)LW9l(2ento6>n`daykfqT2OJ($8bF5myvv*I$s35rJ1lhBxqSgP3f
zCTdxl?@~@b@LGkKnOm?P1i7VO`xb~#`{dDVOV`zOf!Y_p(hN19wlQ)oszt}>%bUjt
z3&ko&um;KvUe95OzCkT@o24aw?4r?oXs)?XWB)eUpft^QJ>EgPd&~|uQUU|iMPIEb
zR<*s`Eyd^C;qh$9A3OX~1G9K<#$AKGl+b&es!*n+o=a8vZEnjGtIOE3HXy)XqsQk!
ztRb+s#%t*M+Qz+<#7Z6?>{kvJJNuGE$>63Wa8%N9h9IJAm_Ha4pLhd;m>^}uy{GPp
zYg2CSbVDC;w@OR%8cIytoi-1u3g3QK;h(+F|KS<Ks|Xw{<!l0FC8nRa_ZbL0A{3eS
zVy`|}CL*X8H=-RN=4twMd!l40U)-9-F2%z)pYAV~2@XML3ybc}(}QO1{>~QziS^D)
z&&Yz>VoZ_k*r_4iKlvVZoXK~{2QsaYD5D@a#dj8QH1@GPKGO;}6$FRR6+@55jbKc0
z0a79;ljQ&Xl@o6vwvi+i^njKNLLk1kQ`4ifE487Zpf`e=C@5|EIR<vOs1DLAP44PG
z9uY(y`9c7CbB+F0w#el)VI9o0OBAR83b+^)Oxn}1FDFO7d_fO6JK~`Gu`nw?YeVeZ
z#n4r98k<-79B0!HDq0&ez^*@VsBzMSnqHz2Jh$?GFhK?8$#UM?W@XYl+Bh|ZtKxfu
zJuBiUgUu7;5#Nv4Q$F@RORnDfBQAdu3`f@IUiuVHjI2s|*PSl8$aITz_cf2~ZJBtd
zR6mh9k9HfZ;S>xcquFwp^|g+?|7BN2l&AWtRz4g)@U6m5aj9{-gDR=ny69LUzKBl7
z>oY;1ri$q8YDxzfz;bP_`x8YpX;L2U12LzE0hdH-C&Ye8vkoS`M#>Fq<NsMTe;+Vz
zqs1+1al3x3;boq3>p=oa--!mphij4px?|@3A9o*#^HdXKI6$E3DnuENvJ8VFm@({o
z)cfv@%3JI94+MdWS0I{KxagoZy0J~yK?eYu4#p&h;a1%I?_t80znYzJ(8OP`WD%xO
z3)b~Co5NyQvVY^GYycM!{%E88noOd9b}sVaXXt7*^$3hFj`YaTD(|>|wpmr+$bDV|
zBjVd9a?R%HBbzCfTib1!mpGJ3_e*l7-Acz}h+=_EuUumOTlR|yw}i+I_qNZvsqZAJ
z`_TYsqzB3Xg{61&WR8l(m&FVEPU9}=bO$p(+AiFs)9T^(w~0he9*~d`W~arDhP<3L
zXYBCS|9C@Hr8O37H~Ui?vTOo7Plm2S+SxqhNl$3Qg>Irmsi2#D7+^N;4px(8eW@lY
zg3F@w&oQv5Jn}uXKHm$B|AhMhpBBaS_pYI3*4uHbU%MuVMc?5!VPS{K@qEYd=Oa<x
z@E{E;n}tN2w3-sbcmMl+70nf`gVxxjE`PyVnW#;GUYEpfrsb+t(mE!}RkQMu;9w@U
zXu92H(0CstM6$(K4K3b?44e$cMYq*gk)lP#-fI;R(Kymg<E8pw)>F)89<0139%V#d
zgXPR%Sc%i?_chN(#!#ZE87Te9TOdxQ2*r3e)llp9QHYdZm*`!X2nSg;5!fnDaYUZ2
zxSVy*SVY)XSFou$(OBt*6Fr6je)e{g0^&KV;}Ge#VSqogmN8~G_D?o*MMbAOuVHk*
zu5dpVpDdQ0zlmYat3QTwv9faT+`Zk7TaX1!T;QbNKX6uAZkmmDtG^h6NWV-#gBF<S
zceiw^j@z!&@6(<hFNBuM{=O=Q9XSWYOFs4*by7&y+e6^@49cRV4@$%k&~|&g{M#Ga
z6}dl2SK9y#wo4dJ51SX`-UeGb%QWn1b3fKKa%Xbl!r)HZ=a=@xwP2%1;a=SA05phy
zIlc6DKHag8V)G{-uiw`L0-0MecBO>z_dA0;VS~+G-5<LEkDs4d;jMtwOPge}uKRp3
zQ`kmpf9_$CkR-7f1x7q7f6A-Rg4~8`8hEZg{gLUHb7_RuI8Da74~gQVKMyx}k)R)T
z5hA)T4~hxFa{7{kUPE=bp=%Bmdl%oWt6~@%7MIoIJetk6upQRyQ}NQ<a1r|r^w?UH
z!3htLkS64)HBiy4=_Yhw#)^)HSv6ur+b=i#d4bbOFM9jnna}x8-BeUVPB41`hHaU_
zqI;hM?F^^iBe8t#bZ<O(325GEae?}Khd<QJj+7fV%yg*9L=$26HDJzjW}Mzl5yt+&
zW5`!Xm^c$-$kX<s>od;ke|7a$ggo=wfO9|gjQSnSzJ58KnS@;|d(BSGMN)qzRIO2m
z=-tk#lsERpeE=#)bdUc@WkX+o)SGhp*(Vm*M`73F*u5{;eO8qclb=3O@X&s!K)RLF
zID(a_6Z=<MSra%T?-t{uKEF19SAXnre<bSkxa<YQQ^|2{j1j|S?6nX#2G`L8UvGD`
zTCFP4JJJ%?t78mA(4{>O)M2#JabGDM;ym2FBL__yAsI?UFrvrzDDXb~#W<8dVMuTk
zN5w8RSR!kxhmk+2b7P5jUy*g==*R}pt#HTtOqb@QioTdVS&z1o>!c`zOlxg!POwQ2
zR@e&gn}2*^oA*q>VM1babM80V(AuxRIyMkKfw93(#ru)5{?{t%8VcneqBi!K88s@g
z1Q7G^ZH%Dk3dPB#O$QgXeym<2H!C9R!mA{9y}T@`Ee9wBTkSmx>}<;For=f|vTz?*
z5D>`U2e@GDrDNQO!nY~v2j;_pGm{TQv2*lb((2Vp#2DJB`_LbWI%a6;Z42~A*0Yvi
zM~3Qge-FLygI!d|F!r2`ZR}5t5LPJ=y-Q}{qSOh)9G)bB4eRj=%gI=+5mW-*kw`bb
zBiSXqyf=Yl^ySAxN1=8@w9q{4D2s}no=coME*!ILA*wep3Az1qZNRnQ8O=!f3n;lC
zE3-~ol<oo@9CQWB(3)`L<r&-SU$j#fhGq}bup_H6#4pc`mm!R-$7o;MJ51If04BG@
z$>IY4wg%9?5<Z@R!Rax%UrD9U*<zLd0Ah*R8KW!e;dd1#!k$&E{_!P!xiu}HRvK~1
zOiSNSLl=A0zBG-u_KNd4SmXnlfy?oai$DO)5d0|TL*wjY739c|+#P2fWR-0(HU?fF
z%xZnzFR65K*s^c=0!y1M@5lYVI7=f8j@epKByXMF=)IQlq~a1ujbidS!aH&W9-w$u
z7%{9_DM!dJ7+)u%^3GqaA)WPtCd`o4Pc&nGrj@GCTq2wD?XJCe?#fa0fi3Gh+*vlr
zwJp~vA)iAIS0P;*Xb8rD$o`=^UXE@-cBty~2~$9j7~~W7l>8_?pQ8n9PM!A>PUBx%
zzEv5|&tHY_xl2y3XYE2~6tdO%93lW6-N%yR&?P#Rqp<~w@6?j^Ge6}fz4T^hY${i}
z?niBk6w{TJ9KV$2%?MNPKa=#)7Hba%MT8Ewj2Y3TP#tI910~Iv4m0Go9$lm-=F}mu
zKjp3L?O2tLKcA@BobJi$!f|9oTk9Y<qL5~v<hQdgt)=N3ZQIF0kHAxSiciHZlp=Pe
zDF(W4kdD<Di8Kp2hUG|L@DflJ(9!Vd+-_OF@VYbDQS^ae)(xs?%PqO58Dj_tX#e)t
zpg+*1pf{N;jR$9;=7Z0?j$6Ga$$l|GzEH7>W=wfWu09Y9)`pZ3>G>xL%n@J`R9;t;
zdFk%HkDn55@MoIR;l&G8#zr6e5h7^Z45@=VYXDtfZOO+q21%%pTm{C0Jnpu-j!SP?
zyP#{h&wk6NL>B5jHx;xO#O78HrK)SjT!%EFQS?)0OGZcS_n3<e?%XoRlB+5zrn#4w
zC)d(=?9zm0A%!`*f;~_=$R9ATh7lV!MZyEj?bA6>dD=K{8~20pf^ymY<?;LU8F!CQ
z^M|xz_+8jW&qr1}?PX?o@_wj7$WwP@jmJD1Lo(MjgGS@wFy(<fg@&z13LEN*q=Lt&
zW60d4-jg-&0j2B>S&I?h!}IMO0pC8m+e?%f$18{{(+%~e@R@6FtlN&VA<4yroM2|1
ze&mainrHr}NA7w4I$SNSP;ihEPR?BUh{eVY-jTebMjc-9H?){*Ad=5hR1$S4Hp8In
zvO{CmzL;D=!Bh$q?UJz*SBms+ZGI4{uU^lwxG8V(f(RqTl0a=+$EjOd#5vmTk34K`
zbTm+OSs32}t`}T5!)H7)+5Fgf`nZ;&+$C*J6gb%A<YSSQb1@^|W7Ohk3NBiBZOUCo
zqzfHxUP9wl>9F?RDr$Cn^B%b{JfXK|`4k0j#n?>v#6UW~@4#D;>l+_L%QM%5v*1cj
zAx*Lv#MQ@pbtec{c}`y(9K49udpEJUJX_#*jzJ@>EWNyp>h9E5ZQZ)bZTXeLBjty6
zb^54`vSuvV`Dgn0=zc?Z<kZ2@HGc_<u7NyNNfm;|MqN}|8Rq^)sLq0?n(UQt1I5n6
zlf%QU$-N#gjV^!{XcL+w{(uO2zsZ$-(WfRkp{VxgX^Q&zr}N!g%RhsbwJVyZ0H@pH
zqLdAnc6>=z^v`+S1q4kz*tj1OpKMe*JBLf%OnyV$_xrE8D}X6t$qb=pxx5XDdd>%x
z#omK|DNUKlgt<0UQh0u=UnK<2SWu9@{N`Gx{mWl>%A~d_XZLTHEYZ`o>$$#?aodKQ
zc1he|NRi-qyK#i1ASd5vjoXtS_F4?jKPFZ=!j{z0*<NEIRhy@86k>DRzHf?W9-?Y_
z$?`NFPoa2n9|tpqqxu*K^4KX81Fpd>v<h_B?d5vZ{V!$7OF#a>s%1#>I+E~Hr!J0B
z-!sOQL99%@Z5QUzCs!*Td^FOPbh@+<gKog>MAg>}l*w8Vp)3B>jUS#|ENHNgK3CuH
zz0?eWFr3uv)ge7atfSsU(bMl3l?>7k!f0@tKgPiR`vb;*g(5>S!X~fAoZ2`=wbdAn
zU^>hZ`(Ic6V+7--U#-4@(Y;8be}VY_d$`nkCw`1x!l^Ot-tKbEG7h4Q4C4^sRl9F}
zi)r@KSw$>?&=xc4b>|PBwsEQTvg(nTN4_)IWue`2WipqOPyZA*eO-T|YR&k&<NOhd
zD$N^XM+Ckcb=E~92UL@M=X&EdU!pbpJc14`1Aw#{;-t@xBZJW_CIU{wLEZNU>Hp!p
zgudx+qpz@8xf3`oX*+C9*2^VMMvh^;X`ErqBZ*w6l{?$pG}Vm3-S@v?-hPav5tDO!
zB<1mCy_xJp7Aqdyn1>i@C}u6>KGEq&tv|KXH9xoR(`ie>@E(U|v4dw!)ND+B^Nr!2
zncutZ>Sf7!9t;_;=vNu<=6QUl!JiUw+EAp~TBA(5^wfci&BGaAmg>Ez!&1Z*U-z~7
z7-lMf;R$W~o>H7!n54V%z}`T8>uF#;J`-I0n%FfAHF1rkkQ??|<$VY9p9yo+^ai(6
zM)|k}FR-DrE><}ps7Nam6&jZCZh^7%#g7setw-7v96RRrSCax0Ujw<blW_guj2jaD
zvnNItmUyWCNpYN6oGeo&Wf?-?!}A`HqtARA&XlfC@u9o_)O}U5o6#jo_3X*(H2ij2
zWXefRt)lPvb9Q?>VMV0i%w%p+o!=mVOZ-|U8x>T7tApHu9>Mrribg0icz&fh-C5SW
zQuFM(*?C%^yczt*mJ*E!X+rgpZ$Ni1qs`dy_E5Q@DQEjAU0*eOeK8baW{TW~ZiHUc
zwW(qA5gtq?e#%}I&YS3Ifxw_6LwKw6&sl;%Ls56E=_jj=b!FyurxhPOZ$L%Mwx+&Z
zkm*ew<aaDlswN5u9~J?d59vhAKUF*p>>d|iK-dOXY@XfQ&ytW?vlXX2J5)FYwkiNz
ztvApnHTAbcR1ovhPfB-Mi;~?tj{*>7zkkHLFv`qm3hQA91a-?F0L%C1cHR%8jOnS(
z>e-&FH-k=ogjMQWUg$#k^46wyjSswZT6*3XI6l&T=sK-^F%%*rVoy&UDE;Lu=pBzX
zlsy87!`2Qe;yrS1QdADkr;NS-Wv)#2_burBufb@Z(-;;HX9pVTm+g!JUH#|%b#u+D
ztM{uP2)JI=h77`I>Z}?;b|@OTP+O8)hbs%)5=ZC3I&m+~uM#l(zaoPHN1$NZ=k3T`
zB+x1pVs39>$u{;qGVuxDqLjVlygeN(^@1rc1ZUO~qJ~6?uo#<J(vp=w8r?#h>89?%
zp-OD_we=Cz_8*LgogbQ8jfuCybProdTs|%e8=F;-65r+K8w1&<KfvJ{h^$%m#c#Ut
z<wa07b;jc@a_+|`RA_uyV*f~y;R@s3mpQ&S(sTt*lsdY@?X5=Fa)R8taU-nUwM(v3
zLGPoHW>?S-EG|D&*hERm_g_;I4nv|y;Iop=s_xAtdBx6m)#O|Dzv>9N{gI#CuCChn
z$#PNGg4}pHqG_wil&CIn^?pgNX?w0yMLq{FcJ{p$T0Gu!gq12G?nT((fG98Nyr`U)
zj+{L$zlHMZ8$oQtN76p6R>v$eyI-D|J$g_=6b4l(jeM2V!am}0FA8sq%y?W()f5M~
zpa*Syhen_)rqqwTUQ9+_b1@jva=GiXA5l_&-gPkk%bZ&pyDlI@`21%zI-f%TeW9@O
zHHBG}bS&_CxZiK8q`(8X|EnHLzkWB^B+=}eA4AXFwma2QOs9ULmcTVgH|q0nmLA7l
zss0kd2I)xwegf}7*`9mD&tZ;yI!G+25c@G<A&Dv+V=)VF`@h<U9)S3m0J3ipIV`&o
z0Z#mvg_dZt#yZh*nx6rV9S4m<o7rcIdNGYW<Rnnr-4%UP(r%a|lMZsRBX<Xm=7qe7
z>W;2e$5RqE_z!+HkU>~ahyPrhr&O(Ro1eT@o0W9eFzLmo^ZDgwX}u_|5`h60JCQjr
zAxAox<5e9b6;>5P({@_v)yR6KkEwXG#z4$M8qR)&e#$mp^A8#lcL`g&Wr`fRAS1;`
z1wMu4)=N(1JfE5SHAWNPsPtDi1c4z^ro0~nN+kQdlu7<UYbu1e60kE6T1w*px3z&R
zT9JUw{6x_}Prz=l{MG;jfxMrg{Df;m!SGOB!SMGHe?2_mTj|$aQky#I_Efkat4EqK
zK>fBD;o?N(nePj;aC!Q$GTq?9GP8)h?)7bVNx!vM+n7HYMgg-PwN<^e^_b1<a->7W
zh{A|M{O;<tJ_7N_rbwPjW0;a$Np2^`6$gRORdvtk`(KKn#0=aA;c~fGI>{+p1cf<$
zI|uX6_+@xvFaAVJJh$!&2@A;OWhsd4>bqMnIUK3;KIjC=&Cg2U%`V!CNe1-?<#TvI
z=lD%MO)?U2fe1=M9uR-;LWyLvx1n@gMJ(u1=U#Z?hu@521FgSmVzYzXhHb+tM0~DW
zAw?7>p6jKrYnVwUrn8#(lS_#`!pGA|5;NF>N8JW-2W?Y|akTF{`?T^(maz<38+!!}
ztAM9ZILlRJ<_H@_nnMRYe@jFBP!ja@W&Odqm^>jalDRSB;@i^hZ`zvMgwi03mV)hw
z9I=rlB8a=w%yN9&>_k!Z$6mOkm@gtcWgz}dr3h=9U2beph0Qj|cm|cT&28W1j<g;5
z6<lGeZ!`2u_ocwcN*jXgocCFB50#R1HFTr2C@PQMn}Nh<0yx+L8hIYv*OFT9M1{N>
zUF24}D+C|QU>Y0DV57a69(+=xUDCiG_mtAIt83cSMlWD`EDl#?;`D`%q0<S?;lbgV
zZfY5ctS~y)zR2OMk&^K4{^1b<`<DMJW9R~8V>cm3W^@Yn2Uek{GS}S&cZlj}j?<h+
z$%)V^?YU8J2Uolsu_A7Xs_OPjGzZy_zZw1hHYi`ONMYD6=zE2I*YLzpUA^?s>%p{J
zn%w#V;A-(UOi9Ik;1F~Fi=pnjz-&bWHR4H-9blBTw%M|Q=s50Pr}4*a3IMz(&vE->
zHCDy_{t>*wPU1PO2y@BLUB~&-@}$pi6TI33zTZ3Y{4f!|=ehAA6cuTQn!4%E(6kGD
zLUN7OD~VXs3J+|!pu6zAA2%{w7bTvcs3aZ^i=>(yHwx_!jU=SgHf*ux=HlHOI5;!t
z{_P1e#u<+tucMIwfH>Nasl4@y;+=u3L}-$>TsZSS+3!l|fFapcN{UKueoig5;lwlH
z<j3kZ!pw|ZV>2RD-h#!6^A6=C&TJqsYMzh`%ux(||8q_@uQr4Oq$G-FgVC{whbDb<
zTa#_o+x#|e=>GZE&e%8>D}~PNoFt-Rpggs=2-uzrc=<>Z68avZB47Unizy<XqZRJ5
z&3Icp)G|Id&AH`)f%kUIr?ASIZL0^)%o^dNB-fMP29f5kZVyX<t4&I&fWuuHJ<v3P
zUD1NYBs&su;Sf1q)mk21AJx@md3yRJ$xcl&^ZQ*po`Axa#&Z^7^g-9E+8j05KR{cA
zXf5CjGozg&IItB7NE9yoaGRc&<i3$zF}UbUE4}j3YT4b*f7)wl%H`+vypWHp)sT~X
zD?A!wJz2rQtAO0EG|2%D!ZqY)y|xJ0^o(G|fP#lGNf<S$4I2kX-_H9$J>83gY(*P8
zPKZw*bsJt1MoG8<IkKQ>0rlh{;CF@*Q{C)r(T2Fd<w>0*eCA6+O>(^2$3FPp@U6(q
z3%4hGySxE@f`0{HK~oa?T$z;vR#Gry_?jqVlQJam7oIaX8qqE!$1)^FpO?8bg994w
zcSs$Il;In;4W#$!Z%s*)@5>V6rbEx5tydr!^lH${FB--Lb0CQi!)-#8<kE!?M)(FV
zbD0l_i}xNJMJII~PG;S9MH2fH`E(&n>F!Y4BCHd3PXV*2(Edv6eok0ubepYe3ziX<
z4pI{G!Jicu_4-sk+~>C_Gcz^m)tVIN$r_Je;R?T*S{UiKU{I6?h-J?RX%c{1{dVy{
zwZRD7M*`3pNzMX4{lnE|#BP$Ch{%kOVgN(%4kHVBoB|<kUgSx`i3s=O6?tp9G%5et
zt5ufvF_GF3F^IHzG!9GYYF&zk`+^s1H>~U%)_dx<vSbv)RU-v~%R$kkXi#(k?6y1<
zizUjC^PG<!t)>5U59|xBoe)?Z-Yj3APG_oHz{g1!HRs(F`@`+8Y6w^0=MbVTYM=FD
zWr{(hSbStnlZ6-EPzv7>h%WG!$6Ge-paFyhfBZC!!tT^z1-oy}R9+xU-PX0p0<i6k
zrd9)9NOmOS>)27v)lOVKqMU{A2BEk{Xj5byY?d2Jm$%@LVhGFNIjfvr9BL+)Zd5~9
z<=JTb%mVAsAdxJ)^81xkrV)om!i~3n4-a^aU^gIePeSh3Wh0ll0{Vo6W)6)W4!muA
z@BWhwo(1ASQS`n+QQ+ZO9TodNQ@QS{wwJ+`?;HC!3Gq8W8pD>^bdaieTXb}Lqk4NC
z5t<<8-w#fzt#TwIua2T5T!B_<o~0b@i5XN<9#FpKhZJCK_z|xMg_$cS!e5?LOUY1)
z^ZMbYGMXZf8PJVinHzmQEpF_OJkuIEs8kF@=N*ufuWOBP``Z~5`3zuXN@s+~jt1#_
zF9Z>N0Hwxiye7t<=%0+xvit73<N6`*@4@l$01yI^W~_?S?Kt?iSsLiERfdYo5XmyO
z<?i@Gh2%-iSK3eT*3QpchQOgyU>=ff_wH=ubCxiIPyAX@u4m2r;V}DGXk%ge!g-*s
z>!YNxK9_Aa5DNafBFhWXb$2vuPP59FzpIRII2b;ro~iKuYncmyV5L%oNM$u+N+ZTU
za@hTjWM3(2sA%}r%Od>j3?x2huQd6z=a%3!JyDuVqtt0+e&#*yTW;OeB`0se42Pd8
zO%NrF0U=_~-pbexdCYw%mHm`QQeh-MArM4?2*klxax_C*t^j!xErb``-OmWvB)nv(
zJ#{=RkvOl2KuA4@jfR3uVx;bb3^(<+;267s+}Nc4i2S^zmXx5NgWyW2CK7pzF~{vZ
zTHfM!_`%XeUxUs0E2Wac<j|AH4vu~daO$}$vee+%!0LhqyB}N0tFb=zT|m}OoS(B=
z99<(<FDizh2&6pL77p43VevZ;(PjTM$=zDT>ohD9_#fozC$rq>cM`C7A*6j;^cS9$
z&P(~P^*jLg(i)t+VG+RdhkUri6;qbQZ~E@axCm#ZBo!!{;HJ%C*1p*12CDc8<}Qm0
zYv^TBf12c^-~uiO(GGzBNmn^8;4U5118cjMlvyc+lwbHYmusR|vGYp}q$hukV?nb#
zP$?pCxxn<vHI6XtItg`y=1>`Oa*_|6M8Mab!P}DS6Z7PJW>BETr9GK?hmdiXg$2Z-
zX!{eIpzIWV5rW5>F?S#a%B1wl=VlX8wTldemLXreyg)jEuaE-*9y|6GtgX=Qe%i?W
zlvWN>nFm7>;vtvvvv`4o$*y=@jHSu#DJ-2bA~@dDy`MGlK_E==MkoPU4Y;!uV0St1
zb&~Rvi~&id+s=P4bdm>rk;mJLSf;D*JNWj5ySC?#>Rpu7LlhMp?!?nd4HlO~cuvb0
zqGGYF8g`Sv*L3*kL+_=N?jaDvFT7xoBQ07iO^z<eX?1=7?Z^}#&SY8)$O+CaV*$q%
z3(^W|MeNo7M=wD43nn`?nTdYXoXV{<=ZMu}TZ-xrCK&!agATte&diHz<*((}9_{Fl
zO0t3URHz9Nq#<!O=D93$GV~p>Ph+tP30z|C_QDikZia)N3GV(Zvz^OPzq33y5vla4
z%N&6~%+rN&K}srTw5;Oa8Y~M6vi02`)lZL!X<w4X)_NU~6$W!mUZy)uQ%uhmJvoXu
zm74=L6EM4;4hexk5y!CzjAmG6OP7|3H<a6EEVBc+_F)_l<O4H`U%q;(@p3HOHBhU7
z;g&dlqzlUa$|KV!VRwL_-e5b{gSGv8fqE+wDW0x>Ez=>UK3pu{DY`&ZEPTL1532fB
zOiE^fY@+VFgo|*ZKOhTgCz=L<^G%2zkY8F>cJIpi3^<*L&$A~7N{>+of2*HcaChIe
zg7WJ?b*D&~<S^8vZS*%lP}R*QoIYkx4d)HF+_Hm%=Y3)zpLGyBj9KOdX@O<Yi!V2{
zzUIl$af{=VldG%s*Fa3=11am81EB#85AL2H?)&_`sD({j*4Jg~^rCv1?&W|)bGGzC
z=k4W_$9+1J--y&i2Uv2dqeK$fj^VFa4fA^wXn1$bZ^KwuDadn}$@j~xwi8LY<7kJX
zUkjx|8_9{k7Y!vMS2OK^qVPi#2BvNovr+M;CM;Sff_`MlTgz_}SB}Nx?OIO)Pr};h
zH3TN#3wsrdbj<C#J3;e%3+~DWfl+VdS12N5SKO-#;L|w`eGPivjisMc@6aR=GEF2J
z5|Br_Tj@YGv1j!PsIdBSspCg_t(-;MzZ@X4tDFbsnsmu}bW(jX&)X<`+lzB_j>RY>
zqu+`Lj?CQ)=H;yY_Fh;r!hnws;^B$E0tJDBGYC<5Q)~)sJ@pDY3Y7oKT9*B&zH}Q-
z!Ocwsp*La0LpZggVNUfMA)EvIhXYhzTPUt>&awScW~XV5i>()N4DH3C-iBt%)1B9L
z0(-=neMKSJf&KY$$K6j^dYrBo4+{=YC6ndk%~;?9_s0#2L0SW=N)r{fu?M<j*ixPa
znmSc2bN&8~{cUl9czS>L*B!ZTt{YOK9V}f}lXBRiTIZx#D=kl$tK|nUM*+aN4rNrF
zB(aMl-1cQo<?Yf+LZ~mM2iQ#K*N>F9=kqs7lKE<S6PQCufd=2T!l?H)bX2}fH<eS=
zI5u`LdaW6;q=Zk=yFK;w#e}a67oQ18{<DI#V9+F20U-p6GNa~KG;M6;)(;y}AjYh5
zUV@-xEk4(gb(Y0PJlkenAaXzN+H0&7cf)2aDL`>TBf+G-27iVc#|r{kCV#mxO3K!u
zdY9v6!X@1&uNWRsVqh=ZSUmx#h!He>NpoH!|09r5F0;=Sc>Xe0vR$U`*R=ZX?Kd55
z^lak9<m7*{%I-kLW3?AkGpG0Hp@!3$j(cOcDKdiQev-nRGqJQnK&Kz*Vr<<amgs#{
zn3V3tx#>$U8yep8DbuEbgAw(>vP2p8$$OZaqR%f=9w?;WGW61NeckftSU7%}&eh4$
z)p$Q|jymk-&khDw5FV57hpl65lXOP%pGyA#!#_2eWQs?fG7v$~ALG&dVZ+!*v@NYn
zpvWD%4phUexc!q%U(sD_yKosDxOgBv@va$?o3YV-xpNKc+y_*hnUzuKXT@DxzIN8X
zQnXN{U&=PA!X`>US~cCmoZ2*mR1W*AA1$1^bpHz2)*n*6o`emJCwu9>wVVF666{OS
zdmR2*u_F1d<@{5Ot+F(-HGrUZU-4d+*yM(s<Q1xhbTdbhC0E2;3y-Cmr>d>N0Y=n+
ziU`dea6wyG-=MllT<hAGLKm)eY})_X1BCfpmp1Q41vju;k8m6_mgzos>Frf0GJ*s_
zAiKYY!k_W>hoNkyi`Cv6*yNGvqaGBq$HiY*Gf(n-k=XB5&uD*l6i!JleESFzCFEk^
zc8X902Xwy$1V-*H99q-6$sgjhs$Kj0`EjR-`_$LC@KVWT1=07Q5ZFASim8Zr6+Kg=
z%2)};_OU`gPg_LJ7r#$A{`9<v7W|VSo#J)2N7r8NaJCA|hZWQ25S>jI;X!XfUccdx
z8WgwbAi0|Q5RmF8P~x^RuskXH)zryoJm=bks4(lmf@teb)dtrBPImGN_2xgdB~;t|
zna>>1cira2-#SlzPf2M1d($uDF&}Yi$?6ab_hSy&6-bn@>1*Ld*v6(<aL`G!E5?Fy
zK}$j1eW-yhmtGgGuCty!uo)Y@2#4AZLCQ;GIDM0rlEIo5v&)yF3IPzrSVIlVo>TY`
z2%RJwcyNedj*SFxftYo0k}@H@P~wQElx0%KW%L1-+;cDrhj7Dp!aRaKVZLl{im{qr
zL({SM@5wvHUNHH;l7Ow@Y~etbei~XNU#>>(uN`%rYxlw4$^5A%XgB@5Os836@$Jh`
zd5>Elj=zzAy~zY(h`9enC9QeSpOUb~^XDD7Knguk6F*$7&;^yc;1~E;k+fyzCgq!g
zhC25h_C7J<GSa3$P%`keRr`#Cg4WtJF$6P1=E0r4PCb9PgIWv(&t$j-8_)Xs0#&aj
zHABWw4_1{SA?`>JsT{)8tpZ$#VF67ozI&FGKi1twJzlWNEqK%k=dsZXcCRY0iutZX
z=g=%Oh_a~Y1A^EMMhl=T^yd!V^DmH_%XF*)ul*@FZ!;tr%y&In`nt=7PI>sz=<PC-
z6-Pk=BRL5%Q4>QuYy7$6L;cZXZddi6NAVtFuUkX9`_%McXG(;)??XxNBi<F-?rx}Q
z#;8M|g2a6%oO=|@7R^6~GwR+_+u?9~D=A9Pdu|MkV1H-<E?HmGs1=Uv@|N#_iby4v
zW6Rn_pd$URj_9>L#Tm{btg4b#4-Yu}CX<8#?qAo@qr(EMuE?tALyaC|uQ|K#+=y1)
zJa>Z~<$#<ZtN0c2$mr2UDhP)PJ=`eW&%QFL8HH|hHlfZKh~Evz`tSwp7rAZAk8y@r
zq36>vE8^fhk6-U7Ja=jnGP`d+tpxlsX1~F;^ICa)X1EiF9wl_e>yYt$i^agk&gE>r
z5$>?KK^xfhC@|EQ1+8(1QlD8oh{zGd3)H0@+>kLYkZR*#uy|!m@(u3~?|y#nU_6vA
zz~@V$_JzZD#}+~y%Yvd;K)9`C=yvv1hQ(`aB6fkS@|3mJ0!9ZiL$wIZw%9*0V&8`T
z(oY;5nR&#-&~yETJ?GTjGp5>$n-_$$lJ=88*z`Yfp(Y`9Hv8&}FL>%p6%YL0sXN>M
z)Rvez^}X73OM|^Fp#?OZmB_(9aQw<>Uo=NZpJX7uRTu0{d=x~{@*epxqB}4Sc}X&T
zGS*cMXgtMRn%JO+{Dpm<sR!%A&ad`##L{SBZRX=GHqbapUL9kj2<bAoXRCbkC_q{D
zWsGyZ>^^IZ#?bb8&C#XUi&VDGi|yA$#e}!!nQV*i69EG%`ZW9t$T4R5Dh_%A29meE
zfcX!kp$@j}a_N&p&Ac8fVX=Y6^3nG(%;K%j?m|`QLl7f<yC#LjWO_PN!IlyhDq0ld
zqro*{=OZVD9>{!LEQh)Zhf^3rT#XkgwwAIb6|O-;OXX4cLC^Ty&k%iLHNh~^Cxp11
z7+$7Pj$B7~$853{NM{X^cJoZe@s9n3h5Obb2yta7>0bo}H7wR(r8XP{%vGM(muPoW
zCw)u^1XTe3K4x$!CLpMxjuhxhk+xZ7@QZ*Qh<=Ik&F79Ez98>=A9aNycmhT-7E=sp
z3c*KbhUeU}UX8G|WG~rC)TDhMSu3Tu6A}i4#L=4%Kc;esUs=CaiGACNKavG9fwXIs
zRhB}KVT~7!gEErL;&Sg_0!B+=w#~MH6QLIlFC?CMcWobD^zhs;3(WMb#6ALSL?Fr>
z;6zQPd1|B8)-IohmdXI(j4^s}Pk%X*CjZIt_d#vb2rBd!&15chB#DYTmsHkJz-bAm
zo#VxYGEi7<ac~W-r?g=i{Z6+|;?x{pn69!4>!k1J5xq~@<bY!V3g*uoRbY<|z3bb5
z>;^kNKX>d4cbVn{+WGh3RgW)QdLAWPr+K9Xk||dL=P85hE@lX4$*_7r_~kttLXLJn
zR<$g!!_`buyK2z=gOOwF%=aCzqqE03n^p9Dk)hRT5US8?1`sDWYt^}P<#a9|<`|eA
z4Fby<Fa}y$dTocQ5qA#Eg1rvC11SjuaFa2SU)yzDrivHQ=3p!?B9i(#YK0FSh?|rE
zhT6eUgN;@ga*4w1L9F4RU09aKW=atIAJGPAImsBH<2ueTLg{4gqu-meNsf93tP0dh
zjUKJALlc=xkR6zZj4mFr01ola*1hAYqGgJ-Bfta@rr29LFA9$;)-@9qs=SKSzDeVI
z9i~jv8NLa&oI$*WwC}Pq5_m6!{8`3Vmd>LVw}x%iwJfoMVldeGTLW?RbFCW5RidU<
z4fY$QM~NT|yt+h<?$Xoe@BIDVtC}ih=T>MBh}!WekPz2PE?#wmxg$0ZqiOBv=%CV|
z>EbOfgcWo1+=~`kQYSoh+@`3HbEe+dd)l4b2@niTZCSd7+I;Xab-5rg*jBN3Kos!@
zo(m!JMV0gOJ3|IW@0$piFPOGcb4yaIkF)QXn+JEx4(fIDKzbc?jW}Bj<-tM7XnGfj
zR}aM_@P1CKtxPvkWZ*hW*gSC>A^O(puwo;zju;ou;D-CRT$<wvP+uBObB?SI2qv8s
z@}DM-<#<3F#sCWnxLdQxUp^IFjBFfM;|3jDMF<p>b?2SH4#EO-dMi?+5y+Uf%rI_b
zLXfsgt;t*YCFWg{>-0@lJM}a^eKbLy9eud6n`>pJ)y5LpYT6aFd_-u_*mZ+5>Stsf
zrgJ+s0_*W2?*lBQcy9)7I#(4~whAJDl!%EGop2$FPlWbkO_f98r8Qg?LonPu#qnh2
zc>bD>IrmqR=420v^2gL$=^~~C-7vlgY6dMX3Ds`q5=bb)bI+7Q>9)ZWC_Z{yohs2h
z33rKU^$l2F6Iy}Yy`}W2F^5?o3LKY}bW`2HT7|i&-rc-8<5I1qJig;2Q*s?7A@qhi
zsad&1l0vbSy&#ASaxrJne=>!HAR`rv0oQ0Xb*r82c5!^zY|TF2kI1@0kF^hpU#eN4
z+!)Te@#b3k{kOMMUg0*0Ed~LOdPMQ^h-0f8in`&XPI=?bzV5zVnv!n>b0npLULW5w
zypN&Kaq9~D^lsh+r5&yD&Yj#x($YGCxJ^dDs~cI9y5BuJN)Ao=vq0(wL_)XHNN&?N
z=n&#giG2R*2V!Z6PYy+zMYGWHqKAcS{z^AJ%yH}qWRO8Up6eEevMpVrj&NCoW-H3^
z^dj^+lb|~VqOLeiZ^8Ejv(>{7N*7^U=bxMtxx~@e=;QT-5SI+sfpR0p^`<G?hc&gj
z+x}#fw&#05To7nrHIlS5*Yx{M#7R!0tPNw|rFQxHP1#J>CXX|veZ4o@gmW&*yb~Lc
z2ZDtF><?_>fdfagIo*+Upek%7zvo)5*C}4S*iQ~Y?vKYlfBCDq1QKmlo(08j+Leyn
z%H^ktmP!FHY+<qr0n3I7d}JIG_;HTfBUBuLKerkQKAA4)3I7f{C5bRb7_zExLesBa
z5toM9xv8{|o`q;zRDTIvxFQ=Ljl6ZONuy6JaXBIpo~MAEtZX8P`~DeM_NGvqumtR&
z>7|^vWx|)%PW~fz)A}c{c|FhXh_BZ}=eXLq@0tu2fOcZj8%tE^Gp{0@R#p6-3e7OV
zqliff=|2YM`vlj@T?#+Ek>Iu1QVIomY}o*E1Bk<@Uy8du#p1j1fWp&}PhP!!Hw3mK
z{;mirLt*77b?xK2rH5HpyRoxD`$wQIN}LK3c+-nH0R6CcaW8D|^i1JGP+<`nO|_?C
zG8OxRiR$lFjVmAiq+~ldo?XNDX}4Iot%E_Vj|GCZVrcO9tGsX^NYh0K)8x(q8s*a=
zt8AN{8F_ejfpDd$kHE(A8@iUS1D~M?<F&_-wD4SN)XaFbs%r+ezf94eGeK;!_Dt1*
zfw8OG7FnykPlvYC6-rBq3cL`pxM*UNK&-7`8hn>iI<ypn9Z$+|&aF4&H0`;kiKh9S
z@`*xY{aBXq^bM^atnY<oCP0^)Y=t}1Khic0aE3I5jM{i@8jpHYn^pLiMKQ-p70<CM
z$eE3H^0VLktI1!_iPS((Z2<W*=*O8nIb?XlTR#l)T8EjPzWGpCe$z2~43F+L7aUx~
zO^k>nnF_1Y>?eBPv4wiNXe8UeJ}Ci2{Y8!D2>`i2N1WLiA)~?aa>IPS*~eVa?*)Ab
zKUmzubm}BK+gZ=dOJQ2GsMTcQP#wc_XChezJSOEZU%cwd4Qq~siJV(_;(8vRsMuZ3
zObk@P)lb&6i7*fHs{5W@%~s(uo*Jq7o({7T<jWw?@MZ9sP{+Zt>4O8(N3z!dYZuZM
zn^gYeMh@wiqAl6yj~1$U+37^ae_i6ZrU6x8S@NHxCfDh=lHEIK$y=`tAE&glxiM?(
zPTRDIX}hSpXBq$!n`Ogy8{3G@qtPd?o$=Jlj><5?)}urhUWdutJ*lEeS9r17>F`7H
zqZhIZ3g>T)U^V@u2WkK5-lI)3yirY9F4Z1)tl&^JL~DoDtxRebiq*S7pHB8c%q}-i
z1ZPDV3HRzvdTW-4=Xk}Q&Bml8mkY<yf0-`QWtHCdbbakrpXMfN6qefk%Q@=xSPoQY
zwg(fmz@?MI88d9mp5m+KrYTxpde4}P`yiB<1Q8H{yoKM?e6@J-VtSC;P~g|+Cwiy$
zKSk5sCM6>ZG}yECyi}d|CMeOMn^6nOeIsc;Jb0&CfuZM)kkR~?iRoj3{buQCh|a;0
zRp9$3v->Yb$daBu$o}Yg@iLwH&X*^`puYX4B}>@u6y?MQ;P3>5VVOQE@$^wWVGnmp
z^pZ1J-uLl27LaT1MT2&W8|Xa55`^ydttVQpQA3dm;+7D(5{iPf63ve>T%$8lXf|R@
zdUCMXs(tBatjeFG{%chXXz#XM4QTeo==_ZH%PmHgG{Fz+ldt&UK1DiE+vAF(fW9sX
zh*+<#H97`2$0%ZMQ=Sxk5k$ZFz?ge%g!^@%+$^E<UU}hyPYT-Lz^c~;RaYwc5Jg<-
zUF(=1w9luF0m1=+1|urS=8fbhhc#_!!YW2%DKVGd-7z+&+nE+L3;`!|ZjdTD{qyj)
z6O!H`Qbo0fu05p%jFr&w(xnGVz^8W|&Es&>qqx)R$@-B^Sqzy(LfD!2pYIFaXC<L!
zvUhwPaHEh5Tp%&j-DhxG`o)h&#O~#82|lg3PWAiT%*Vak4>_aD*N#Z)8m|p_z7w|j
zls@zJ#zN)3A-7MR$I?shqo}@FQ(0qBq#&5(ADxYCl-fgJ6@*J~EVuhYj$dY9z+*)h
zYkdV0*9m3g8kYs31qFIuo0X^bM57Wk)SAAYZ4%Z~f!;^)jPbDn2g;f;AE9SBMtM$o
z4LiE`F@dOfV4S4v>LFoks5VJ7ur3z0KsjmBNxvz=PQNwUF6HK|Hg~Oh9v^2}`)TBD
z`q#vRo@gi*`vaGF$8`L~o<(cVc}j}lQK)S@=kq8QAk^+-T%)h<=y0rqcv4En5^oP>
zkNk9zaQqWU-_nV71r)Q5GLqlL-2&@>Ei452oVPsg6YF%H>y`bO`lJ+!_-U(yu{?&*
zsO7iMN9;y3R!tvr^k%jOzc)*~-2N>yZz{Xno-1%A$3=jYDk+n#%WY<cn6^uiPYzG=
zddE&+D2E{sji`k0oX>DJwpn*#JAK&+JIs5$io56|*SJq=m*Q<~(UFix_Cw|Mo3s!q
zIRN4*6jISB6Ui(dIM#hb=tpt2vNt7O?@YZ!&_R1QZd36D<iW<ZkPQ8~8Yu0fFs9cZ
zNdGp0Y%Av?9rr=?ZW@6p^3MI0U%sF!b=vRM^CyHMY}ERG8o}NS8BtLD<ENl2M{`qB
ziN|OHbFYjO8r74x{*c)Cz^p*m`ZlWfAysUn$jR^6kQnf7#T}@-k|SCV)SYmf*q|_q
zBs0UZFj97ri@xp6bNq)ihN_=^c2lHIN*`1A!Nw{el*f3`Ytt@5NZK%qyw!<?e#<v&
zB^q~R$orV?K<eWT9w@dR5&0oO&hchbYw=Ipi;Z_O=Q--(h+X+5z6sD8gqT+F(wePq
z|FZTBN`6KD5?hHvAWO~WhC7{B2k4`6{vAcXDHT2FQXUwt25oug$%#egbI8bAe@!W<
z98|e0l73wHa?0@~x6^(^PAP~VaM6#9S22X<;%$Xs2sO@`6Jh_1wm@3UdB`U`o7AS+
z%wPLCH)7+baV~ur4eB5|$aAtLL)fT~Q0DLN2{$8@fJ@&NcfRjG{YagN&JKKwck|xT
z?Z8qO*s@a!IexpuxoE3Qx^0Xr_lxDfxQiB~hcvbqo-y7enbjqa>rcXTSq)+8j+r79
zwKjbxTj^oX_8r1kAAAbsGVwZ8`=lI*RZJ&4CQBA2<xq$d&SoylfRzesnJGA7b<{up
zab2BzY<gX;aTqI8&>#09X!y|&82oFb85Hpfrj`uLh-x;D`WOf-C5wPL$@D!0P16IT
z4bZ#eP!vQ)yeFER&t>{3UfV&I^(202D(vKzf5I~^!=b({*O4AGEcXwg*z_OrIhxIo
z9wZ<S)o<Pta<G)_@Yd_BU9?XuznHzq)FeQWqWnuFX(}%*ihN(W#w*$fC#QuEkM;0F
zI(@xH9J{(fLVbo;%V+R)#xtu&2scQSxJgZZsYFl**^Rq(3mpxLg`pW~sUTr5-&)+M
zB8Lrkp!Wf_@UR&}zi-N+82MNSz=*IHxFwQlM?SRH@{hZ&6nF7b>+6)B4`mb@7U4c%
z3nDcW0lfqqc|WW(&ZV=aPAJP~8Z&gm5k!ck;;&a776Vvz0v=tv;n#d&np?&W8Eh~v
z!<@oIC-Kpo)^SSsA)CmGq^QPi#@dVAwIly!Nmu5)AK(Mg<ohdQ=PdF|zsW!&OLJ1k
z4E-(fKqLd5m>LQP+~~;h%j+o%lBRFtXKiF`h-9%Q2|=8a_m#)JAIz_ZA7-;KL?ByS
zYe#hCL9IszX^&S-)8wHvK;jHqM6&Cbf5Bz~9#Z3KC@gor>Vvag+=A8|_Epkg4-<fW
zyTJ2AC$@y*H57wbC(C(1P{!7Gd%*&TBi+VDLJL&b^7A<=;pM>{<)AxNai!6e0{KvF
zJTtIaJ}q5)p_|+p{)#0Z^#2@S``%Q)$kc<m!>}iByZ3r5IZ8n`9yYvHmZtf(6JMa|
z805keAdyI9OJo8*C`N;P(-O1>ISNDSr>(S~4nk6%e!uJRq9xxKYTI`gF$9?vuP^+f
zXKJ4w=3({jE6sLciz#gUlGjPj@1%MSS9h@Vyw^e=ic~?eK#MHpL%UQuNFN{`r7yqn
zK$Dw3sCshe{b+@xaUK&kk>h6VZ?h##q<HBL-WI(-Dd1H>-yj2;Vt@B<_?V7Jv~okY
z_YZFf&zx*5hG`j6i`9<A2;5dXu{}Ex-u-#}-B5zQNfAoM-|~uU%+9(MV5f+wt7So=
zw4moBOpijO#78d8sqeG02-i`mVuj*(AOBoF0YkXr{NZ<Y^cM~G<#;h_Rt4R+5Cm=~
zc7oY(K+Ml@9_Jy6o3%j>6Vi<bQJm7Ft65S?>n^?$XoHemFK|Bym*kFaklzPA9l&N8
zYR0^W23g8=hIAZfTV(orv$eP-%7;{_eW5Dj<u|%tzz_G=)V?LJmK&G<fKKGwXglb{
zjd{eymXl^ELlNE*fR{eq8#w)E$px3%yGW!*dmY-M(NOdCA~dqY(3NzBWJI{1Qr6mI
z8rR?=>6OqQkpXJmheWR3Qgs|UhBCS+Do(SeCu97(`H|A$tS1LuIvVUpYF}vDa1q=u
z#F&5=p*=#pT6^LGh2wj$rHp1bY^hN}s~#&wb=G$!lgn|bpE;&d@O@r&Q60IkDap0H
zmrLvwFi3n_BUL2et8QWVsx9{yjE@+6<~mn%E`ir%3k5=3hYRkispXX>BgRB|Q?A?i
zXqyM0Hg-H%`_f;lK+mov`su^%X1dyPqezU{G-jGkxz5_-9fv-5I1!V`dq=V#?-tM!
z@}B!emKI2CxiDMGTKo7F1-_@2CD5p)uCWe!=?iX^r*sX)x1Ti#uCtjR#84+st-KKo
zEoF81G|PUd{BbrMq@ms`b%2l%gp=~1^Mjyi>d)~>Vl!#i_WXkIGCln*JjL|sZDD<v
zE;`mI8$#a3`Nyxr;sT2lNwUfIy7@S$7)mGJVkDJjsi6})PtPolk8TCuqaP~ODx+U|
zKsjt!CoR4wIj-)LtzBLuBl;3W#~Y{8<n-UVG^j7qIp_2`)*NAFi8w;jl3v5iY0l6n
zhySayO4(TD%M0cKbY$k+*s!(p(4e#`_^k)+#p%iM4?8z6R`DR(Te&u6J37vJ&-E%o
z8V<QT&E%u+E<TW!m?S-`U54g)tR(PLC3KL}xV=SY=9S?$wDQU;$wWjc_LDRn+sUM9
zJWmUV5cn@b+fI5+kgX{hHCDkh^$YHGdV1!G{CDKeI(_Mza6rG@Em8bxCEaicwM(?;
z{9eZQw@$32rUE`|x%A%Ft0ZT#Q^Y_?C<IYeWBy-&GMg4z0rgWELk&)9#=Pp|Uu3er
z#%tv2wEAZ-qwBoqroxJsrq6TF`6z#@KeUxLApj5FP`(yHKbN%@=2QMz0Y#N%UGsY}
zV0@SNhySO{O+0x#QTE!cX0zkw^^zyI*e)U$=+vPaef(6l9zSf^;Z7RqoT}{cza$6M
zJXr-k{@O~%D?eZV+yg!<qA1A3jcHAJS~%%sLy)-d(AXm>yQ?=xtxBDg{_uwEW7HKV
z##XOuK>SGTssiw-@==zS(}YTG-_N3pb|n5#;_kZIo~Z^kJ=>H^U45N%pk%4o&d=5g
zz2`cA8Is1`yt&d*(Xk%>zG|O0cs2-#9H=YNEGIN~y5j;|F1zOM>`JU_J0yNJks+aX
z!#$4~<x0rnr4XoCRC*vwcI}RZ%X*Kb2qo$1;k4mv)|v00ep@`+^^|n=z(#>irv_$m
zoa%6cbJ&eEn>(W&Cnql8;w3&gsJ?z10mrsf`BC<R<vr!F*Xc`IA>{gqshUWLSH)dT
zX>Zpjr-D5s*u3X2EsMhR*vFQC84~?}9b9!l(@z`!j?oR$UH$;6iKvv4QVK|eAR!=1
zh;)n?-5?<#DK!|<N+^v=O9%*(Q;<>8U3<@W|Ll+5?Vfw;o_n6pb6A&A-rn4e-J}i#
zu;@leesr>0q-`gXRm0`8=Hb%1@5yVKnI4@N&dA+W&ce@AW_1Oy=60mby+0`>^PskW
z)V#9XJNtV={SQ^`m@zgO#4N=tv`adPBGBWY$ni(pt;-_9eS>B#&r&u0dWCAIMn2sS
zmU6@8sNCxIPTQj!da<v;pnZF;Vk1+&$RKd%Pp!sZKgGuaZ-2dZQ~ySnTg1-Tkz1(p
z3Mo_fFVM(>EG8za+5Km@1^McENPb!b%p9^dKONqiu=M|mwo}Rfl()A6$}WE54YuFM
znf|1k$Gv*69GhsTew&ISjnV%G3AmGdgM*r)0AON9(G~@0$^^Nlv)!9=G<P@N`I`NF
zkjj@VQ|MQkW2oo8w<Y-WK_)iOr!_0`klAX}xn;9aET&(}<i+nX^RM%R!|dq%Ab_Wt
zQ+@U5q}te%)?Gq95%Tn4)&K0=YV5v_-_=Czr%vpwt?v$*?LG9{sH+3Fszgi8hfc0h
z?q|7chqbBMPM}sIE^$f15R5$MYhR&7`eiZ)(|`MyR{@nI-I1O%XCMLbNrs5w`=zz<
z!n=tn*{;|6Kp-99n|ob|R$_tdPlMc}nY;j5_8s5!75UZQEupm{`5Yco02}ft2HaXA
zLIZZA!`)S2+dK!E-`rX+veMhnUCcilndsh<U^M%hnmU)~^F8J-I4WFKH@o=ntQr%i
zcpW^$_r&E^CdvQcm}z=Wn4{q6P-fFs;bml?n`>Lt11f!V!VKqaplXmP@qb!hLROH_
z>Nnha3}FKeyFs;jk;*r1HRIhSyGERtTtPjSggLSIv2WUBl|7H%<FLcvwlwFnvsAI#
z>RU{mSMfRt%Mqn*puK4R7wb=Ne+Ef1>rV{i=`qyGOIfa>b>%sv*qi&ile60klfe`2
zM}aw%D-ZKFDjIU`QOxY6bKRCddv!8jVRqwJAN`H;ys5`=y;-`WC!4X|iNUSe8XL1;
zBap=6C&RVs;X2$>{W@3h5SCS#L0;FBl&`~n!49~3&ei~V#LwySzbrRuuVlSw>{GEL
zP7+MM9%OO<&?ah4CXShUNXD*B!XS@QMV(BFDrT-e+Qg7&cXiqh*Kg!#_pQ{j@?%7B
z52g2u&dk@kNiwrKM;9UE{N3+M9wPo#5V36pugI|ckOy+_#7p6HHLIcLGN|k$rnlQO
zX@Pr(S~&46l3Lq8ie~RvEph);En#qwMTYPGH6e(eY^6_NUzP7*QI$YLpdjLNjIX`D
ze65FxWJ8gBa#_`(<2NzC5ihy9IPc<u`HF*yF`YZTPyelsR&a=>R{9Y2jvNA&cRsi&
z2^O{W>4SzqZQz$C|1XOHgRw$X8j68`#tn+;SY^CtrPpYITpxIn7T($T@k-ldS>hUe
zdvQLXDlPY~$j1}3Y$`up^7Rk69xgrGu{iup%W>*lQ`P^Yot5iQ(!sI^g+%kQHRjp2
z8W=eWy{2ZnxMU4e`}w>QzZoPU3yscO01%G_ITrls@90vlVd5iFp1Mk2K(=mzOh5qu
zRBh)lkXJErhCXwx68o325JKI68FH?Grbb!!Cr_=HOP5Ol)Gq}Ud61fs*zl`Z0eYsc
zaO*$*x=>Dhrzv{S%8&v}3H^cxZua8xa^lB{xm4}Ar{CK$87B4ju1@e-5u6*76FI3y
z@vOzX1Bo=?TYeBoW9xEQZF`tbhVMFs5hX{LWmE}eeK>6=SDQI#!!tvh{|K_OIAX!J
z0SLnt)cWC(%p-Mm=d&_0F%5wxRYbD2ATG)Dq`#?XqhV^8OBNLYVy2K49@Vqor*x<n
zL2&HXi@?ydj104Y&t4Nue|QT6rKOu+)+b0@Lfb;%9Q5IUt*99@Dxi*F8%Pbk$y(5-
zDOp*m-5|<BcQG>+KdalQE#p=-%>UElwxA*mVMI>E4r<BM+`#J?EKBIaav<vkIWIqX
zmdh0@vz%x`7E$|vTD`kA>HlBC$?{y7vj*BI0sNt{7Dfe9AK*BHXO{+9$4*Rnk|W&Z
z=Urydc~asgyY_KIb=*$S`8}Wp^H{l`f#7~1tKSIspS>>+dK5M?rNt8M+%xO@qGx+Z
zbPo<Og7)!!z4d#97F3vnOMnSd9%tu(O+|rx+kX&n)~|Ykx0#rk|FsOi#*&AqqEjII
zze^=#*;eN;Y!IL;7to~+vN;A&DLndcf9D)8>k)KFM`8RZJGS?Zydq9+k$Li4zc`Da
z>;P;W)?^6?YqN$)|I6qhA<#3mvAS4f8T1RG`*hjc$>1UwdBnvr;gtzHpLtKy>V06!
zTOdeE#tX|RRjOlW&*;Erc57Za`aM}Z^=3N8DT-w`3$1+xx%S0Y-fgis#$Zi-2RoVj
zP#&{~h|i_9Abn_yB^L-kfWm3%{r|3gY<4*7iDg4fi99!P;9hWjO5#~By1?CxY->es
z%BX5~9=U6}TxdC5T1+T))#zoaRj<*iE_M>oMyi#bQ9<i&ujzU84aQ=F_qv6kg)|a=
zEsIV;3MQ@=eq^^kn6e#;NH8&s;$f3uLLqL-&dop-aD@M#t?yOUx$B=iIDO9eV&gk#
zc5z!5%OA?w4N1sUI8jkXQ9N0smP81h*YleIF+r|4UD6Y#Pn`ACaJ+B6Ey6K{?rL}e
zE;eIgF5`yNn>8LA7S(4z@Yg4lqW=qZfVwfGtCwP^dZ;CXtC7@3?Ba8kv#Gd(j_R*k
zsI~o#-x!IT<T1QMh2vZ}uNHcsSTuG)63#^N$@zPdt@l^TBZUCmtCWYTZiD0lA1@f+
zNd$Boy~PaCqwx&rokFnvRM0W>U%~g8R+bKPNPH%)#qaXB!kM}5M7icY1}hGxQO}Cq
z^l|s7_ZnX52u_uias1mg9x#glp=m2Zyh->lU?;Qv{rl#RPpY`}yHC5Ws%qJj&(wCy
zI8p353(J(h4}VUpn1D!-{kNYuE7*hYQ?ViS&}A?Y!rU^i85<!c2A!9?(|!HKXTFAX
zD0dZ!E9&Hi+PXXQ>4_*538iG`T>drUyX|DIA4-hdDI9mqtm)Hzt@0CogC8?IFrmop
zO0SX~kZuupu;@3z8_gF%#G}lXy9tA=2)CEM+WKYZo2L2)eiQe?L_ZlWk3XMNcc}i@
zX+w8w!mPW1t0Syjh4vmj4pLPrX*?T%@`$Wyv{s#}a(oaYZg;tuZt}*KpVbX`E11*;
zM67WvN`;RcU7`UClD`npUIik}hB=d9)45!A4b1G-U)mKv@)GA`6h+|#BjS?o<e0N2
zne<dJqic=4NDDP=VbO(Ju1C%gp6YG?<n;7x9rlx_hRkCx@j^@*Z^Z%0HDd?EQoHo>
zAxYQ*BYKA)?58lq11c;VUA;?YErT-od&6PqT98K%Yq&T+pBDM;65W|Gvx}2mY0mTD
zF2FKY3dJ;_nR!5=#UU%r_SNnaz<?<do-$cxJt;G2SeGJW18;lM&u$PgQ6M`^*g|Pt
z1k_;kOErXkSkj2(MNJOR`2?r-98Xl1@6p~1GniUCGO2Jk24s~DNh-O*jw=vUFLt!a
z5{Rs0jr^N$K<6!9CsqszT-8>UvNU=El^XdCxFdTJM}zPQAQ(bUX#2Sh+w6E8Jr@Ov
z?~jA|<_pZD8YO@E9chuQ6-lPIc!!Al>|BGDreL&y6x0L^GXpT#AcRP<AjdV>cDZA@
z)QX)-D;<h87q^iMdi%s{IfubyM{q&zX+7*X4Uu3BlnWhe<b|@kb-p>@cDOcUDYwpE
zj!-}ChrTS@32QwOxv_iLqJaF?wR$-2JYn`<0dvPS8@7b<Fk0=ad9Y}h{@B=h<e6n_
zrI)T*900?w$*bmnv7xIpzwhWjY5!VWKi57b5~`p>*Q$Hb7Gk;yX!(oLr36!#o|7>t
zuDNm+d?CKmya_2i+mFpkNb*E1g907Tb@rQuAS^|fR8XZXX)?JebY0c)6TD-c^YYh(
zQ<hJ@wCwjrRj>aF<Fx)h-})=s{Lxw`_8qV@Qc~zxGUK?!4lH9^jGm!;6u#uzaQJ}(
z-`o)PF^F)_2v@jdANFUXol(rCec^FX?wTl_BqdhIhRwB%TDh2>LXk2h>jhB_W5--;
z$Y}C#eH+qq*m_cO;-k>&@!j=n=X)Y0lM(~84Tcjoe8tQixbWxanqIVg6Q<CUv~f=u
zRt7pE=-3Py8uQ7SUtir$8Z=;wPf^ah`KQ<1UZjqx#D3T?_iE@gY?klAVi}NCEsBUI
zQd7GT@@49PGbg#MySN-X&fw9MgmC-*P`xgCMO+eE!uitJ(kKDY`XhS88P5cS_5_%C
zJi7>N81g;-U8{(Q7HnRl32rZ{>PX^gWJYU{Rsdyk?HSY+8)}f1G>nR=34?x+kF6MT
zh6|<FKwro(tGck`?vftj5``Mf#dd+%9c?3}juIiZuZ^SAQb(Q4_Z|Do>21C7ue}M5
z`6dqqPlcFJ(tI~Bu0spWyS}BtcF!)}Tr6+3;Fv<*k?H$JUP|(Bwc_G3hJ`)smN3*;
zu2vJ6N<6SN1X4Ez7Vl7uu7+>RqmpvaE*v}ivwr?oV+FtF??KK6T!~Neh_<V|7~9%Q
zp1m=qT^KkDN^yYX`5y3>$&%_-Jb^{4=#Syx#}d$Mle55q6-9jHp$e6&|Ma_)2>|LK
zT6vsd<ak-}vais>T&qw)@KP_cn+BX7v0kE(o0g+L6Dk9m^{zbICkkj&AD-kq@jD{<
zTBKx#@LClzCVjg;pHmmf%`9q}^}N0mGjzqCAM`SycS3=9c7S*i6CU$!>q0@0qQ!d9
zr8O;n{z7T)Xec`|54Bb9Km{&=)~mikKHg)CWA*FbBg9yjBc#ClHxCvAft-E=IT5_d
z3KBuNklMlv8e4FWZs*(?_joeiOv`P+CUp0Y>EE8VJoD9)p$}{J!d+RSGlA{oSeOkP
z*T30h6pEp*vMduvT2K+cX4`{`+mQxmzi7Pu<@({I%WAhd@1=64H?$9lzVP!rJ>OkR
z8&sa~LysVouUrIS0Pp0Vz%+P(iNc&=FMXQu-Q1K<koY&Lx}HCdxVbiS*$L?{kiWyN
zVe$jt-PbN<f`f)0nb;W7x4qKk@$ARf{NunivW469`Q!WQkaM@R1kpZWKnT#4p1hAQ
z=}QB`_8@@);U!->q54wJxis^uTRy{&UWq$<PlPb|v38g=HPMVN)j$G5m{k#|h1y#A
zK2hUYBys+lqx7Y+?tSCx{cnlRvTR9|Hg`VWZLZjB_Vd6o{v4|_#OXa_=^(aYGdCpR
z)glyy$R0TQUsui`ugV!*<lx+F-nMfH9CK~O)iuM57_m#8W%u8k>dxgP`z(*1pOg%Y
z&6SkzeL)e2>zr`w0hQMSG{7*cM=)P<6tXVKt5ZSJaX<fg0H)My1^dtklax(&FPt;|
z@ZR&Er9bRnPjB^Js{~sT+!MSIae;3e<?RZ_iZY=DcyHd}?r0}y5=luy+BG#Iophb{
z4li#U8ZTI16{L&oAs>kNC|re}d9U@-<VU=jhrY#_p+l_F9Mskq5g1(<M#R&np^c|R
zfs19_zHJiW)u1hz$^9p;_b2B&#Z7=wMYi<k5%p<67w<WSQuBQnPqzB<^gaoQ3BD1Z
zWUuByF~b7PftUX+s!A3|#6za3Jq&HLpsM*}Z(M{yY-*=x^E=*oKW~m)_q8sQtDL)S
zL9d8NzFiOkwY=$?zcr9NYLcBNvelQR=c%H$N!giUE}aM+BW>8W%BhvpR*n<Xz7(S+
zh_<<*^ap?NGm^51;~wD5np-$8&LYL7b<QHuNyPSCzt`(jR%@aU3CtaFvka3jwX<f7
zQ}eRx1#UJs_2z-7!h&NLI=+j_Cm-8>N3D`ZX$qy}jC+cp5+E+3x6asIlCWocRMfW<
z{hQa+PtOvQd?R(@eMi>VKja@JH4zsFKY}_3h2t4MKw-wF#E*^5heeTU3x(s(X4!e!
zZSrD*!7sF)29?+B9$aCqhE0J0rUIyHU%0C^Aq32Y7;6SK3MIO0!@nmjkA}33wRKu1
z?Vp{(?^?C*pPa!j72EeUtM><jR%!g<cYRA1BzfTJoo^S|2t&=fxO(fR!@!rPIVay_
zI^V2ul-T524bGI4x^W^o%eKDM-s~^y8)Iaw!BmIAp`H&xhf0@}HwLgT{+L=lBRMOG
z22~1M!VD>sIgxfOLboW!Sd2I$h0JQ95p@miVdZC`SbkF5D5XNT<D1IwPU^wIleS?B
ztz;FW9rz3hZ-w4N{pTQo>H$ZK4meuKZD4P8rHl!0K~scGFt+?g*m)cx!3Wqy;Xp0)
za7tX5fSoSHK0>&lHD;uvT^CIG1mG`hw=t{Y0lsRednoY~r~&S4k=cD#{+V{P#}@XM
zj9rAlN~Mf+=~|-7+A*w!02|dMwPqB>Tew{VjTG0C3RLQa|JVpt&QyC3R82}p6k@n;
zi=<qEHi>Eo0)nnyqe0>5J|(tmd$I6kv9u`}7;0!skkkZi+%j<E$ZCO5xd50k#rwck
z!;OnCOMnTAy@pw3f<)+KMPAA=Y~EJ9;!aqg6r7Dn@BlRF0T(fn#+ofsLtP;GvS?ar
z|N1lx#8>YS3H<+l_5{@qdi^m6enY}bCPmCN2qjO?<!Dbov>RlqDS{PZ!P_bNT8^Kf
z8uE?|r~-y~>{3`vPguiVptL}X{-u`_6^#au;CyAktWrP~YGn+wlpUB`dR;OxBfBlG
za9{PzZojX7(HeAsP&56pzmOyCHNtnWae^8VD#l<PxG#xqSQ{c?EOw7pFWwsVwu$%V
zT+GNR!8<UFq64@6dT4PMhA;jtugXw#ysYU4VjnJLduv7jnlFd!gs5&FOv5&MqTp>9
zX&Sn(WZ>~t7F#FkG=j3W{>q0oANtscM@Zko6fdUosUWuS=lky{)l_%lh)^kAQ^wsU
zBE;|M<o3v?U-n@WX-Litx}=KxtyR-}!P}}B5IVqwRGyjJPELvKu?4sP7}g2DTY?n-
o=vRGwviPDE%JOC9qSG$H!yS-*p*M(%%^>j6yr-jDrEDGgKZh*ty8r+H

literal 0
HcmV?d00001

diff --git a/public/integrations/channels/badges/tiktok.png b/public/integrations/channels/badges/tiktok.png
new file mode 100644
index 0000000000000000000000000000000000000000..75e933a9b821209a367c4f4c413b29a64f72a892
GIT binary patch
literal 3365
zcma)9dpy)>7ax~g(}f7V)fg1T+z{rSacRi?GOk0BG4nIVm`ihED3?_T)mAjgeZ?v%
zM2I&;Rw~Q7RBolTX>&<=Q%L*%X0)npcR%kRznOWS@ArJqInO!I`F$qE-PKM>K~n(&
zfhalH+jxNAdZI^82K+qsv5o<OtSX^-5qU%xXAGIefRiY!U;r*)ut6LG!CDH~Br+Y~
zL4yG*jfsQ3YG{H%X%rmH*Te<s!o~xkH2Y`{;2G`eMUJME%_%TT3k9qI0}3zz9tkR7
zgfqDq0S+eC#ely>+Xxs`OySXSFrte)6wl%SP!qTb90{{ffMPk65R8Y-o=?W$3I_}2
z@z@vyA~G@(9%%$;ai|ECxw$z4iAJE&h9JX`8^z?21cpqmwn$=G!v^4zIW#tp#$rN6
znxtSBpNE6NKpgr<WDNF-IFtJ+d+;0(0umd6f+G=MlG&jw9*Y~w`WurK_!~nCdBq8v
z&j}aDPaz|KaDV|Yd0dc>`pOX?pncBytFT1KH}X7M$luUK$TxJbHZCqJ0evO^N7f9+
zSMhLpwh`dLeJa9VT5!Fh*Z{%<;IjA}GGH44=A|t@JJ1^j&jCn0zy^G9Ff<ZvVu(T-
zqIY?rOfe>C3<|vyX@o?skX=|5T1eDil8rHF5gGF(8*C>EiAVZ>_$vj%h}g?Pfvx<H
z5q-A7v%*;%FgP#=BXO{wAqPC(ox=*Dg@YK^!)`a!!4|&@Wxi{dAsUVnb47K-xYGnc
zIMId%7M%<BBo1c0ob_kW?{7e{Z%^<lf)17iMU}-kFi2Fumqy`*u4sMUcLtc$KLeur
zg!4rg!kbA0D~c8eC$=Ge#&9rGG~x?4e&0Z%D+a|<$QZJyvMi2xy?p6Bfdk8{<z+a{
z!i5wKFriMNq;Og|79qNb;HLNvF0cNuz#{%6h!uA##-7FnT}1tp53w2)D(+JZi7ZMG
z2V-+s6h0ZCh;szvT}HXA5MCsS16WhR7RAA=LqcfaQA9!A`N82dZYaQkqM>N`F8Fed
zSIi<q0Z{T!t@1@bBK|s~Z!%a;`HRT}+AZ&a6Av7nh?Ut1E>@;5zy$l01J2fUowv9U
zh(rPn?6_|_4V>$z_@^H4JWNn;w@kWSuAlKNn6{4*>uku(Fg)(>Zv@m01TOwCH#QZs
zz2h>cq43u6{Tn~58s721alQWa=fXPDjl4+D^htBv_<YVQ^R8a=E(s^S;-a@%*7j76
zfA@H0XW}@6k1+1GRg~h{YzWxAR{Dci_4ofSy(btmrh8kwD>s3+@m7_-Ol;raeOKO1
zVbPac+A-8J<%qtjb7;q8_p^kS+8?(VzOL#>QI0!TmY5J&QLQkf++?<pcBV+ECOk`a
zEAh$5U(7_%Qh^Yv&fL++^D4KJWjA>`kG6HLJCANS@U(EhkJs(32G8Bn&+M}eIb&ih
zbU3M#jPFyuxFubEBW{~^Th_quO)>prtyetWZd==Dq4CpRL?6Rii>02QoJ257cxhL6
zJ7cy=7WoDq-B>p8?q<CN^(<gmFEyUsJzub=+MZCVR(oq~CR(zS6xxuKl<3hFJ7?aQ
z++BaDUv+ZYIzOit9xIi=qP}^HRm=n5lJabOKd>r_DxyaMl9i(lzEy<|Hr8Im#I{U&
zxF?|A9*3KP8v=>&a5A~V{KR4Rqa^$`scmL00g^vz>YUUVGd&y&)v_r>+30F1A1_qb
zDi9Q>yibG{S{-SA3O_<nN7tMQcu1_N`X#q!XfSUq`Pv|#N3SJ(?8x3V9+Nk|^w#{<
zY+xx#Quoej8Fv^j&Xa0<woTL16khnG2coyM6g&P}<$<*~fk5zX>zla0Lv7-2Gvg-n
z(z($C=hO9^67-zHn5~SB1xY3>&yNccZNW?W!ps)(=rNs<>A5WbAZr8H*V50PwF*mO
zN>7&%%N9aoo+`Ys>)bb1$5Ry;`RCV3O6ElJGYlAJO^%gBqcPlEs4cq4<rm#8*?tGw
z%>3`A1cns)e9tN<i);-+y<<+92kfa=x=?PEwb(kfZ9$bDjGD6)xK9!**x3{J2GZmA
zX6Wv%>r}ZL<X$?Y{iv2{o1W2UOds23TS<I?s>?KOR?$0c@3FW@#kehHt<8~HBc0!_
z(ru(xQYQhwpS?5oXL#u@d3n>|*J;sfQm<wxZjfB{UDx$^MZHp^tYReBWO%=n<|X}u
zKlEn=EHP@wT7Isf_vWN_p_x_$;d6<0DR=xc{_q5*W_+SeSB;()RJ)X~!B^jZ!Sz*U
z7B{H9FDLhMpqt;dk|BQE$ZsEpdM|5APgR`vw*k$oo8hA|Q2B!Lg{;>3k+qknXE&<c
zIB~FQX1*t6yxh_{LCd?6$e%yIG#D@4aCzf<t4gBfUB~XGYbaf=AyPI|Q?)?PNuyc6
zK+bBj`pn4V`WwSBbHmEe?T#lxt#X?it?-q^Ude*r`}Y*B-Xh=f*4x{(rflSe=SW^L
z;h0A6?j^a=H3j6`Rcvj7Fi`5g6c!s@cJ+FZu_yoFt=FruTa-FL{ekA~kjA-)i(^v(
zQPR)%U#JeP@8vrvjl`Baqy?SW1f4;hl<dA579drMDdKF@$%e<B^Fzi}-o$!adCr*K
zgh^bHeqq6@YZ-b$+%QPM=--%oH~j0(s0-*i-2j=vc&rSIJJ>FxPCV)<fqB<>c70ez
zaj)-3VS_<tr&>^YP_1{etjc^?;d~OMVqNp&f&R1y*_*?vEy=N`k;H<4=CGU029qZ`
z>o@qfB|@f~;3i1}0@D)8uhNZi8{Ev)70fm_$4qxULT<`cbCDdCZQQDxr{!T+3h%HC
zYz~2R^}jiS+|-#Xab5Yv`pKF(!c$e-mqhwKxj+-U;R|+>Jcyi3YlYH5x5eWYQ1ev5
z1muv5VeXU7m$p--$FGsg;(Z~f)ABdT2=*{{UYUw~<Y93C`YFkjt6t8djYErfFD{Y}
z^M2LUJpAC^9hAg<jZV|=99vVzOO9;1SWw%SoBNhzHzkx~(;=G*ykjhyX5Xi1m7HE3
zz^RxSwsN*rYjoe*kI=`w*Tbv!%tbtW?4m!Em-}(PM5)=*%A#WR!*$j4gM7Q|Jwto{
z^)lM53Tjqft{5?tnYs!>5GvdFl`8+38Fuv0Z$8HmjK=p~^z%*`x+V`fuZAZb)=|$U
z51n<+iXc=H`>lqy?(D4?JEi9&Y)mcPn(bSb)p~n7vnj~&Vt;4mletIqtin5QoLdz1
z3EE~w*Ry++5?t3BOUz19n_oL*6#K3&Mtr!b7q|ad50=UmK9-}n5)AJ595|e~WBmCw
z<?6wt%4Qcep6R7opZ?_k3?hEIgL*3eexQRkTfYz>J0ZJoXUepUSw*Mu?8{1xG~r9*
z-7^%fgn&>n^h{n>+TGxO89i@Wn^o<jL0^dG#9TP{L#(8|M*Xv&Y@@3_xDF1N?Y<Ee
zQE*pjQf7^O#9rqHJLh-_d&3z_MOX2AkI9&|*{{~z{uzc33kfVdu%NvUE(Iiv_*nW>
zWJ2&(>G2*xiZiQEu5y+Pi{Bv=nc`Rwf%Q}DZ~CtfUT_D49Tfe$aj<o@xw1Pb;eW$y
BNA~~#

literal 0
HcmV?d00001

diff --git a/spec/controllers/api/v1/accounts/tiktok/authorizations_controller_spec.rb b/spec/controllers/api/v1/accounts/tiktok/authorizations_controller_spec.rb
new file mode 100644
index 000000000..54724aba0
--- /dev/null
+++ b/spec/controllers/api/v1/accounts/tiktok/authorizations_controller_spec.rb
@@ -0,0 +1,55 @@
+require 'rails_helper'
+
+RSpec.describe 'TikTok Authorization API', type: :request do
+  let(:account) { create(:account) }
+
+  describe 'POST /api/v1/accounts/{account.id}/tiktok/authorization' do
+    context 'when it is an unauthenticated user' do
+      it 'returns unauthorized' do
+        post "/api/v1/accounts/#{account.id}/tiktok/authorization"
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+    end
+
+    context 'when it is an authenticated user' do
+      let(:agent) { create(:user, account: account, role: :agent) }
+      let(:administrator) { create(:user, account: account, role: :administrator) }
+
+      before do
+        InstallationConfig.where(name: %w[TIKTOK_APP_ID TIKTOK_APP_SECRET]).delete_all
+        GlobalConfig.clear_cache
+      end
+
+      it 'returns unauthorized for agent' do
+        with_modified_env TIKTOK_APP_ID: 'tiktok-app-id', TIKTOK_APP_SECRET: 'tiktok-app-secret' do
+          post "/api/v1/accounts/#{account.id}/tiktok/authorization",
+               headers: agent.create_new_auth_token,
+               as: :json
+        end
+
+        expect(response).to have_http_status(:unauthorized)
+      end
+
+      it 'creates a new authorization and returns the redirect url' do
+        with_modified_env TIKTOK_APP_ID: 'tiktok-app-id', TIKTOK_APP_SECRET: 'tiktok-app-secret' do
+          post "/api/v1/accounts/#{account.id}/tiktok/authorization",
+               headers: administrator.create_new_auth_token,
+               as: :json
+        end
+
+        expect(response).to have_http_status(:success)
+        expect(response.parsed_body['success']).to be true
+
+        helper = Class.new do
+          include Tiktok::IntegrationHelper
+        end.new
+
+        expected_state = helper.generate_tiktok_token(account.id)
+        expected_url = Tiktok::AuthClient.authorize_url(state: expected_state)
+
+        expect(response.parsed_body['url']).to eq(expected_url)
+      end
+    end
+  end
+end
diff --git a/spec/controllers/tiktok/callbacks_controller_spec.rb b/spec/controllers/tiktok/callbacks_controller_spec.rb
new file mode 100644
index 000000000..e226af64a
--- /dev/null
+++ b/spec/controllers/tiktok/callbacks_controller_spec.rb
@@ -0,0 +1,139 @@
+require 'rails_helper'
+
+RSpec.describe 'TikTok Callbacks', type: :request do
+  let(:account) { create(:account) }
+
+  let(:client_secret) { 'tiktok-app-secret' }
+  let(:client_id) { 'tiktok-app-id' }
+
+  let(:token_endpoint) { 'https://business-api.tiktok.com/open_api/v1.3/tt_user/oauth2/token/' }
+  let(:business_endpoint) { 'https://business-api.tiktok.com/open_api/v1.3/business/get/' }
+
+  let(:tiktok_access_token) { 'access-token-1' }
+  let(:tiktok_refresh_token) { 'refresh-token-1' }
+  let(:tiktok_business_id) { 'biz-123' }
+
+  let(:token_response) do
+    {
+      code: 0,
+      message: 'ok',
+      data: {
+        open_id: tiktok_business_id,
+        scope: Tiktok::AuthClient::REQUIRED_SCOPES.join(','),
+        access_token: tiktok_access_token,
+        refresh_token: tiktok_refresh_token,
+        expires_in: 86_400,
+        refresh_token_expires_in: 2_592_000
+      }
+    }.to_json
+  end
+
+  let(:business_response) do
+    {
+      code: 0,
+      message: 'ok',
+      data: {
+        username: 'tiktok_user',
+        display_name: 'TikTok Display Name',
+        profile_image: 'https://www.example.com/avatar.png'
+      }
+    }.to_json
+  end
+
+  let(:state) do
+    JWT.encode({ sub: account.id, iat: Time.current.to_i }, client_secret, 'HS256')
+  end
+
+  before do
+    InstallationConfig.where(name: %w[TIKTOK_APP_ID TIKTOK_APP_SECRET]).delete_all
+    GlobalConfig.clear_cache
+
+    stub_request(:post, token_endpoint).to_return(status: 200, body: token_response, headers: { 'Content-Type' => 'application/json' })
+    stub_request(:get, business_endpoint)
+      .with(query: hash_including('business_id' => tiktok_business_id))
+      .to_return(status: 200, body: business_response, headers: { 'Content-Type' => 'application/json' })
+  end
+
+  it 'creates channel and inbox and redirects to agents step for new connections' do
+    expect(Avatar::AvatarFromUrlJob).to receive(:perform_later).with(instance_of(Inbox), 'https://www.example.com/avatar.png')
+
+    with_modified_env TIKTOK_APP_ID: client_id, TIKTOK_APP_SECRET: client_secret do
+      expect do
+        get '/tiktok/callback', params: { code: 'valid_code', state: state }
+      end.to change(Channel::Tiktok, :count).by(1).and change(Inbox, :count).by(1)
+    end
+
+    inbox = Inbox.last
+    channel = inbox.channel
+
+    expect(channel.business_id).to eq(tiktok_business_id)
+    expect(channel.access_token).to eq(tiktok_access_token)
+    expect(channel.refresh_token).to eq(tiktok_refresh_token)
+
+    expect(response).to redirect_to(app_tiktok_inbox_agents_url(account_id: account.id, inbox_id: inbox.id))
+  end
+
+  it 'updates an existing channel and redirects to settings' do
+    existing_channel = create(
+      :channel_tiktok,
+      account: account,
+      business_id: tiktok_business_id,
+      access_token: 'old-access-token',
+      refresh_token: 'old-refresh-token',
+      expires_at: 1.hour.ago,
+      refresh_token_expires_at: 1.day.from_now
+    )
+    existing_channel.inbox.update!(name: 'Old Name')
+
+    with_modified_env TIKTOK_APP_ID: client_id, TIKTOK_APP_SECRET: client_secret do
+      expect do
+        get '/tiktok/callback', params: { code: 'valid_code', state: state }
+      end.to not_change(Channel::Tiktok, :count).and not_change(Inbox, :count)
+    end
+
+    existing_channel.reload
+    inbox = existing_channel.inbox.reload
+
+    expect(existing_channel.access_token).to eq(tiktok_access_token)
+    expect(existing_channel.refresh_token).to eq(tiktok_refresh_token)
+    expect(inbox.name).to eq('TikTok Display Name')
+
+    expect(response).to redirect_to(app_tiktok_inbox_settings_url(account_id: account.id, inbox_id: inbox.id))
+  end
+
+  it 'redirects to error page when user denies authorization' do
+    with_modified_env TIKTOK_APP_ID: client_id, TIKTOK_APP_SECRET: client_secret do
+      get '/tiktok/callback', params: { error: 'access_denied', error_description: 'User cancelled', error_code: '400', state: state }
+    end
+
+    expect(response).to redirect_to(
+      app_new_tiktok_inbox_url(
+        account_id: account.id,
+        error_type: 'access_denied',
+        code: '400',
+        error_message: 'User cancelled'
+      )
+    )
+  end
+
+  it 'redirects to error page when required scopes are not granted' do
+    stub_request(:post, token_endpoint).to_return(
+      status: 200,
+      body: JSON.parse(token_response).deep_merge('data' => { 'scope' => 'user.info.basic' }).to_json,
+      headers: { 'Content-Type' => 'application/json' }
+    )
+
+    with_modified_env TIKTOK_APP_ID: client_id, TIKTOK_APP_SECRET: client_secret do
+      get '/tiktok/callback', params: { code: 'valid_code', state: state }
+    end
+
+    expect(response).to redirect_to(
+      app_new_tiktok_inbox_url(
+        account_id: account.id,
+        error_type: 'ungranted_scopes',
+        code: 400,
+        error_message: 'User did not grant all the required scopes'
+      )
+    )
+  end
+end
diff --git a/spec/controllers/webhooks/tiktok_controller_spec.rb b/spec/controllers/webhooks/tiktok_controller_spec.rb
new file mode 100644
index 000000000..eafb412f0
--- /dev/null
+++ b/spec/controllers/webhooks/tiktok_controller_spec.rb
@@ -0,0 +1,64 @@
+require 'rails_helper'
+
+RSpec.describe 'Webhooks::TiktokController', type: :request do
+  let(:client_secret) { 'test-tiktok-secret' }
+  let(:timestamp) { Time.current.to_i }
+  let(:event_payload) do
+    {
+      event: 'im_receive_msg',
+      user_openid: 'biz-123',
+      content: { conversation_id: 'tt-conv-1' }.to_json
+    }
+  end
+
+  def signature_for(body)
+    OpenSSL::HMAC.hexdigest('SHA256', client_secret, "#{timestamp}.#{body}")
+  end
+
+  before do
+    InstallationConfig.where(name: 'TIKTOK_APP_SECRET').delete_all
+    GlobalConfig.clear_cache
+  end
+
+  it 'enqueues the events job for valid signature' do
+    allow(Webhooks::TiktokEventsJob).to receive(:perform_later)
+
+    body = event_payload.to_json
+    with_modified_env TIKTOK_APP_SECRET: client_secret do
+      post '/webhooks/tiktok',
+           params: body,
+           headers: { 'CONTENT_TYPE' => 'application/json', 'Tiktok-Signature' => "t=#{timestamp},s=#{signature_for(body)}" }
+    end
+
+    expect(response).to have_http_status(:success)
+    expect(Webhooks::TiktokEventsJob).to have_received(:perform_later)
+  end
+
+  it 'delays processing by 2 seconds for echo events' do
+    job_double = class_double(Webhooks::TiktokEventsJob)
+    allow(Webhooks::TiktokEventsJob).to receive(:set).with(wait: 2.seconds).and_return(job_double)
+    allow(job_double).to receive(:perform_later)
+
+    body = event_payload.to_json
+    with_modified_env TIKTOK_APP_SECRET: client_secret do
+      post '/webhooks/tiktok?event=im_send_msg',
+           params: body,
+           headers: { 'CONTENT_TYPE' => 'application/json', 'Tiktok-Signature' => "t=#{timestamp},s=#{signature_for(body)}" }
+    end
+
+    expect(response).to have_http_status(:success)
+    expect(Webhooks::TiktokEventsJob).to have_received(:set).with(wait: 2.seconds)
+    expect(job_double).to have_received(:perform_later)
+  end
+
+  it 'returns unauthorized for invalid signature' do
+    body = event_payload.to_json
+    with_modified_env TIKTOK_APP_SECRET: client_secret do
+      post '/webhooks/tiktok',
+           params: body,
+           headers: { 'CONTENT_TYPE' => 'application/json', 'Tiktok-Signature' => "t=#{timestamp},s=#{'0' * 64}" }
+    end
+
+    expect(response).to have_http_status(:unauthorized)
+  end
+end
diff --git a/spec/factories/channel/channel_tiktok.rb b/spec/factories/channel/channel_tiktok.rb
new file mode 100644
index 000000000..eac0a8333
--- /dev/null
+++ b/spec/factories/channel/channel_tiktok.rb
@@ -0,0 +1,16 @@
+# frozen_string_literal: true
+
+FactoryBot.define do
+  factory :channel_tiktok, class: 'Channel::Tiktok' do
+    account
+    business_id { SecureRandom.hex(16) }
+    access_token { SecureRandom.hex(32) }
+    refresh_token { SecureRandom.hex(32) }
+    expires_at { 1.day.from_now }
+    refresh_token_expires_at { 30.days.from_now }
+
+    after(:create) do |channel|
+      create(:inbox, channel: channel, account: channel.account)
+    end
+  end
+end
diff --git a/spec/jobs/send_reply_job_spec.rb b/spec/jobs/send_reply_job_spec.rb
index 11d3f6b04..46d8e5e56 100644
--- a/spec/jobs/send_reply_job_spec.rb
+++ b/spec/jobs/send_reply_job_spec.rb
@@ -135,5 +135,14 @@ RSpec.describe SendReplyJob do
       expect(process_service).to receive(:perform)
       described_class.perform_now(message.id)
     end
+
+    it 'calls ::Tiktok::SendOnTiktokService when its tiktok message' do
+      tiktok_channel = create(:channel_tiktok)
+      message = create(:message, conversation: create(:conversation, inbox: tiktok_channel.inbox))
+      allow(Tiktok::SendOnTiktokService).to receive(:new).with(message: message).and_return(process_service)
+      expect(Tiktok::SendOnTiktokService).to receive(:new).with(message: message)
+      expect(process_service).to receive(:perform)
+      described_class.perform_now(message.id)
+    end
   end
 end
diff --git a/spec/jobs/webhooks/tiktok_events_job_spec.rb b/spec/jobs/webhooks/tiktok_events_job_spec.rb
new file mode 100644
index 000000000..297f16b64
--- /dev/null
+++ b/spec/jobs/webhooks/tiktok_events_job_spec.rb
@@ -0,0 +1,91 @@
+require 'rails_helper'
+
+RSpec.describe Webhooks::TiktokEventsJob do
+  let(:account) { create(:account) }
+  let!(:channel) { create(:channel_tiktok, account: account, business_id: 'biz-123') }
+  let(:job) { described_class.new }
+
+  before do
+    allow(job).to receive(:with_lock).and_yield
+  end
+
+  describe '#perform' do
+    it 'processes im_receive_msg events via Tiktok::MessageService' do
+      message_service = instance_double(Tiktok::MessageService, perform: true)
+      allow(Tiktok::MessageService).to receive(:new).and_return(message_service)
+
+      event = {
+        event: 'im_receive_msg',
+        user_openid: 'biz-123',
+        content: { conversation_id: 'tt-conv-1' }.to_json
+      }
+
+      job.perform(event)
+
+      expect(Tiktok::MessageService).to have_received(:new).with(channel: channel, content: hash_including(conversation_id: 'tt-conv-1'))
+      expect(message_service).to have_received(:perform)
+    end
+
+    it 'processes im_mark_read_msg events via Tiktok::ReadStatusService' do
+      read_status_service = instance_double(Tiktok::ReadStatusService, perform: true)
+      allow(Tiktok::ReadStatusService).to receive(:new).and_return(read_status_service)
+
+      event = {
+        event: 'im_mark_read_msg',
+        user_openid: 'biz-123',
+        content: { conversation_id: 'tt-conv-1', read: { last_read_timestamp: 1_700_000_000_000 }, from_user: { id: 'user-1' } }.to_json
+      }
+
+      job.perform(event)
+
+      expect(Tiktok::ReadStatusService).to have_received(:new).with(channel: channel, content: hash_including(conversation_id: 'tt-conv-1'))
+      expect(read_status_service).to have_received(:perform)
+    end
+
+    it 'ignores unsupported event types' do
+      allow(Tiktok::MessageService).to receive(:new)
+
+      event = {
+        event: 'unknown_event',
+        user_openid: 'biz-123',
+        content: { conversation_id: 'tt-conv-1' }.to_json
+      }
+
+      job.perform(event)
+
+      expect(Tiktok::MessageService).not_to have_received(:new)
+    end
+
+    it 'does nothing when channel is missing' do
+      allow(Tiktok::MessageService).to receive(:new)
+
+      event = {
+        event: 'im_receive_msg',
+        user_openid: 'biz-does-not-exist',
+        content: { conversation_id: 'tt-conv-1' }.to_json
+      }
+
+      job.perform(event)
+
+      expect(Tiktok::MessageService).not_to have_received(:new)
+    end
+
+    it 'does nothing when account is inactive' do
+      allow(Channel::Tiktok).to receive(:find_by).and_return(channel)
+      allow(channel.account).to receive(:active?).and_return(false)
+
+      message_service = instance_double(Tiktok::MessageService, perform: true)
+      allow(Tiktok::MessageService).to receive(:new).and_return(message_service)
+
+      event = {
+        event: 'im_receive_msg',
+        user_openid: 'biz-123',
+        content: { conversation_id: 'tt-conv-1' }.to_json
+      }
+
+      job.perform(event)
+
+      expect(Tiktok::MessageService).not_to have_received(:new)
+    end
+  end
+end
diff --git a/spec/models/attachment_spec.rb b/spec/models/attachment_spec.rb
index f2460a30f..f668576e3 100644
--- a/spec/models/attachment_spec.rb
+++ b/spec/models/attachment_spec.rb
@@ -155,6 +155,14 @@ RSpec.describe Attachment do
     end
   end
 
+  describe 'push_event_data for embed attachments' do
+    it 'returns external url as data_url' do
+      attachment = message.attachments.create!(account_id: message.account_id, file_type: :embed, external_url: 'https://example.com/embed')
+
+      expect(attachment.push_event_data[:data_url]).to eq('https://example.com/embed')
+    end
+  end
+
   describe 'file size validation' do
     let(:attachment) { message.attachments.new(account_id: message.account_id, file_type: :image) }
 
diff --git a/spec/services/tiktok/message_service_spec.rb b/spec/services/tiktok/message_service_spec.rb
new file mode 100644
index 000000000..fbef64336
--- /dev/null
+++ b/spec/services/tiktok/message_service_spec.rb
@@ -0,0 +1,117 @@
+require 'rails_helper'
+
+RSpec.describe Tiktok::MessageService do
+  let(:account) { create(:account) }
+  let(:channel) { create(:channel_tiktok, account: account, business_id: 'biz-123') }
+  let(:inbox) { channel.inbox }
+  let(:contact) { create(:contact, account: account) }
+  let(:contact_inbox) { create(:contact_inbox, inbox: inbox, contact: contact, source_id: 'tt-conv-1') }
+
+  describe '#perform' do
+    it 'creates an incoming text message' do
+      content = {
+        type: 'text',
+        message_id: 'tt-msg-1',
+        timestamp: 1_700_000_000_000,
+        conversation_id: 'tt-conv-1',
+        text: { body: 'Hello from TikTok' },
+        from: 'Alice',
+        from_user: { id: 'user-1' },
+        to: 'Biz',
+        to_user: { id: 'biz-123' }
+      }.deep_symbolize_keys
+
+      expect do
+        service = described_class.new(channel: channel, content: content)
+        allow(service).to receive(:create_contact_inbox).and_return(contact_inbox)
+        service.perform
+      end.to change(Message, :count).by(1)
+
+      message = Message.last
+      expect(message.inbox).to eq(inbox)
+      expect(message.message_type).to eq('incoming')
+      expect(message.content).to eq('Hello from TikTok')
+      expect(message.source_id).to eq('tt-msg-1')
+      expect(message.sender).to eq(contact)
+      expect(message.content_attributes['is_unsupported']).to be_nil
+    end
+
+    it 'creates an incoming unsupported message for non-supported types' do
+      content = {
+        type: 'sticker',
+        message_id: 'tt-msg-2',
+        timestamp: 1_700_000_000_000,
+        conversation_id: 'tt-conv-1',
+        from: 'Alice',
+        from_user: { id: 'user-1' },
+        to: 'Biz',
+        to_user: { id: 'biz-123' }
+      }.deep_symbolize_keys
+
+      service = described_class.new(channel: channel, content: content)
+      allow(service).to receive(:create_contact_inbox).and_return(contact_inbox)
+      service.perform
+
+      message = Message.last
+      expect(message.content).to be_nil
+      expect(message.content_attributes['is_unsupported']).to be true
+    end
+
+    it 'creates an incoming embed attachment for share_post messages' do
+      content = {
+        type: 'share_post',
+        message_id: 'tt-msg-3',
+        timestamp: 1_700_000_000_000,
+        conversation_id: 'tt-conv-1',
+        share_post: { embed_url: 'https://www.tiktok.com/embed/123' },
+        from: 'Alice',
+        from_user: { id: 'user-1' },
+        to: 'Biz',
+        to_user: { id: 'biz-123' }
+      }.deep_symbolize_keys
+
+      service = described_class.new(channel: channel, content: content)
+      allow(service).to receive(:create_contact_inbox).and_return(contact_inbox)
+      service.perform
+
+      message = Message.last
+      expect(message.attachments.count).to eq(1)
+      attachment = message.attachments.last
+      expect(attachment.file_type).to eq('embed')
+      expect(attachment.external_url).to eq('https://www.tiktok.com/embed/123')
+    end
+
+    it 'creates an incoming image attachment when media is present' do
+      content = {
+        type: 'image',
+        message_id: 'tt-msg-4',
+        timestamp: 1_700_000_000_000,
+        conversation_id: 'tt-conv-1',
+        image: { media_id: 'media-1' },
+        from: 'Alice',
+        from_user: { id: 'user-1' },
+        to: 'Biz',
+        to_user: { id: 'biz-123' }
+      }.deep_symbolize_keys
+
+      tempfile = Tempfile.new(['tiktok', '.png'])
+      tempfile.write('fake-image')
+      tempfile.rewind
+      tempfile.define_singleton_method(:original_filename) { 'tiktok.png' }
+      tempfile.define_singleton_method(:content_type) { 'image/png' }
+
+      service = described_class.new(channel: channel, content: content)
+      allow(service).to receive(:create_contact_inbox).and_return(contact_inbox)
+      allow(service).to receive(:fetch_attachment).and_return(tempfile)
+
+      service.perform
+
+      message = Message.last
+      expect(message.attachments.count).to eq(1)
+      expect(message.attachments.last.file_type).to eq('image')
+      expect(message.attachments.last.file).to be_attached
+    ensure
+      tempfile.close!
+    end
+  end
+end
diff --git a/spec/services/tiktok/read_status_service_spec.rb b/spec/services/tiktok/read_status_service_spec.rb
new file mode 100644
index 000000000..f0ec116ff
--- /dev/null
+++ b/spec/services/tiktok/read_status_service_spec.rb
@@ -0,0 +1,35 @@
+require 'rails_helper'
+
+RSpec.describe Tiktok::ReadStatusService do
+  let(:account) { create(:account) }
+  let(:channel) { create(:channel_tiktok, account: account, business_id: 'biz-123') }
+  let(:inbox) { channel.inbox }
+  let(:contact) { create(:contact, account: account) }
+  let(:contact_inbox) { create(:contact_inbox, inbox: inbox, contact: contact, source_id: 'tt-conv-1') }
+  let!(:conversation) do
+    create(
+      :conversation,
+      account: account,
+      inbox: inbox,
+      contact: contact,
+      contact_inbox: contact_inbox,
+      additional_attributes: { conversation_id: 'tt-conv-1' }
+    )
+  end
+
+  describe '#perform' do
+    it 'enqueues Conversations::UpdateMessageStatusJob for inbound read events' do
+      allow(Conversations::UpdateMessageStatusJob).to receive(:perform_later)
+
+      content = {
+        conversation_id: 'tt-conv-1',
+        read: { last_read_timestamp: 1_700_000_000_000 },
+        from_user: { id: 'user-1' }
+      }.deep_symbolize_keys
+
+      described_class.new(channel: channel, content: content).perform
+
+      expect(Conversations::UpdateMessageStatusJob).to have_received(:perform_later).with(conversation.id, kind_of(Time))
+    end
+  end
+end
diff --git a/spec/services/tiktok/send_on_tiktok_service_spec.rb b/spec/services/tiktok/send_on_tiktok_service_spec.rb
new file mode 100644
index 000000000..0543fa695
--- /dev/null
+++ b/spec/services/tiktok/send_on_tiktok_service_spec.rb
@@ -0,0 +1,71 @@
+require 'rails_helper'
+
+RSpec.describe Tiktok::SendOnTiktokService do
+  let(:tiktok_client) { instance_double(Tiktok::Client) }
+  let(:status_update_service) { instance_double(Messages::StatusUpdateService, perform: true) }
+
+  let(:channel) { create(:channel_tiktok, business_id: 'biz-123') }
+  let(:inbox) { channel.inbox }
+  let(:contact) { create(:contact, account: inbox.account) }
+  let(:contact_inbox) { create(:contact_inbox, inbox: inbox, contact: contact, source_id: 'tt-conv-1') }
+  let(:conversation) do
+    create(
+      :conversation,
+      inbox: inbox,
+      contact: contact,
+      contact_inbox: contact_inbox,
+      additional_attributes: { conversation_id: 'tt-conv-1' }
+    )
+  end
+
+  before do
+    allow(channel).to receive(:validated_access_token).and_return('valid-access-token')
+    allow(Tiktok::Client).to receive(:new).and_return(tiktok_client)
+    allow(Messages::StatusUpdateService).to receive(:new).and_return(status_update_service)
+  end
+
+  describe '#perform' do
+    it 'sends outgoing text message and updates source_id' do
+      allow(tiktok_client).to receive(:send_text_message).and_return('tt-msg-123')
+
+      message = create(:message, message_type: :outgoing, inbox: inbox, conversation: conversation, account: inbox.account, content: 'Hello')
+      message.update!(source_id: nil)
+
+      described_class.new(message: message).perform
+
+      expect(tiktok_client).to have_received(:send_text_message).with('tt-conv-1', 'Hello', referenced_message_id: nil)
+      expect(message.reload.source_id).to eq('tt-msg-123')
+      expect(Messages::StatusUpdateService).to have_received(:new).with(message, 'delivered')
+    end
+
+    it 'sends outgoing image message when a single attachment is present' do
+      allow(tiktok_client).to receive(:send_media_message).and_return('tt-msg-124')
+
+      message = build(:message, message_type: :outgoing, inbox: inbox, conversation: conversation, account: inbox.account, content: nil)
+      attachment = message.attachments.new(account_id: message.account_id, file_type: :image)
+      attachment.file.attach(io: Rails.root.join('spec/assets/avatar.png').open, filename: 'avatar.png', content_type: 'image/png')
+      message.save!
+
+      described_class.new(message: message).perform
+
+      expect(tiktok_client).to have_received(:send_media_message).with('tt-conv-1', message.attachments.first, referenced_message_id: nil)
+      expect(message.reload.source_id).to eq('tt-msg-124')
+    end
+
+    it 'marks message as failed when sending multiple attachments' do
+      allow(tiktok_client).to receive(:send_media_message)
+
+      message = build(:message, message_type: :outgoing, inbox: inbox, conversation: conversation, account: inbox.account, content: nil)
+      a1 = message.attachments.new(account_id: message.account_id, file_type: :image)
+      a1.file.attach(io: Rails.root.join('spec/assets/avatar.png').open, filename: 'avatar.png', content_type: 'image/png')
+      a2 = message.attachments.new(account_id: message.account_id, file_type: :image)
+      a2.file.attach(io: Rails.root.join('spec/assets/avatar.png').open, filename: 'avatar.png', content_type: 'image/png')
+      message.save!
+
+      described_class.new(message: message).perform
+
+      expect(Messages::StatusUpdateService).to have_received(:new).with(message, 'failed', kind_of(String))
+      expect(tiktok_client).not_to have_received(:send_media_message)
+    end
+  end
+end
diff --git a/spec/services/tiktok/token_service_spec.rb b/spec/services/tiktok/token_service_spec.rb
new file mode 100644
index 000000000..903430a9e
--- /dev/null
+++ b/spec/services/tiktok/token_service_spec.rb
@@ -0,0 +1,57 @@
+require 'rails_helper'
+
+RSpec.describe Tiktok::TokenService do
+  let(:channel) do
+    create(
+      :channel_tiktok,
+      access_token: 'old-access-token',
+      refresh_token: 'old-refresh-token',
+      expires_at: 1.minute.ago,
+      refresh_token_expires_at: 1.day.from_now
+    )
+  end
+
+  describe '#access_token' do
+    it 'returns current token when it is still valid' do
+      channel.update!(expires_at: 10.minutes.from_now)
+      allow(Tiktok::AuthClient).to receive(:renew_short_term_access_token)
+
+      token = described_class.new(channel: channel).access_token
+
+      expect(token).to eq('old-access-token')
+      expect(Tiktok::AuthClient).not_to have_received(:renew_short_term_access_token)
+    end
+
+    it 'refreshes access token when expired and refresh token is valid' do
+      lock_manager = instance_double(Redis::LockManager, lock: true, unlock: true)
+      allow(Redis::LockManager).to receive(:new).and_return(lock_manager)
+
+      allow(Tiktok::AuthClient).to receive(:renew_short_term_access_token).and_return(
+        {
+          access_token: 'new-access-token',
+          refresh_token: 'new-refresh-token',
+          expires_at: 1.day.from_now,
+          refresh_token_expires_at: 30.days.from_now
+        }.with_indifferent_access
+      )
+
+      token = described_class.new(channel: channel).access_token
+
+      expect(token).to eq('new-access-token')
+      expect(channel.reload.access_token).to eq('new-access-token')
+      expect(channel.refresh_token).to eq('new-refresh-token')
+    end
+
+    it 'prompts reauthorization when both access and refresh tokens are expired' do
+      channel.update!(expires_at: 1.day.ago, refresh_token_expires_at: 1.minute.ago)
+
+      allow(channel).to receive(:reauthorization_required?).and_return(false)
+      allow(channel).to receive(:prompt_reauthorization!)
+
+      token = described_class.new(channel: channel).access_token
+
+      expect(token).to eq('old-access-token')
+      expect(channel).to have_received(:prompt_reauthorization!)
+    end
+  end
+end
diff --git a/theme/icons.js b/theme/icons.js
index 52ead63a3..6e7df16a4 100644
--- a/theme/icons.js
+++ b/theme/icons.js
@@ -139,6 +139,11 @@ export const icons = {
     width: 12,
     height: 12,
   },
+  tiktok: {
+    body: `<path d="M10.206,2.759C9.273,2.15 8.708,1.114 8.708,0L6.341,0L6.337,9.482C6.295,10.578 5.372,11.435 4.276,11.391C3.18,11.35 2.323,10.426 2.366,9.33C2.408,8.262 3.285,7.419 4.354,7.419C4.554,7.419 4.751,7.451 4.94,7.511L4.94,5.094C4.744,5.066 4.549,5.052 4.354,5.05C1.953,5.05 0,7.003 0,9.404C0.005,11.807 1.951,13.755 4.356,13.758C6.757,13.758 8.71,11.805 8.71,9.404L8.71,4.597C9.668,5.287 10.819,5.659 12,5.657L12,3.29C11.361,3.292 10.739,3.106 10.206,2.759Z" fill="currentColor"/>`,
+    width: 12,
+    height: 14,
+  },
   messenger: {
     body: `<path fill-rule="evenodd" clip-rule="evenodd" d="M.333 7a6.667 6.667 0 1 1 3.221 5.709l-2.033.597a.667.667 0 0 1-.827-.827l.598-2.033A6.64 6.64 0 0 1 .333 7M5.53 5.53c.26-.26.682-.26.942 0L8 7.057 9.529 5.53a.667.667 0 1 1 .942.943l-2 2a.667.667 0 0 1-.942 0L6 6.943 4.471 8.472a.667.667 0 1 1-.942-.943z" fill="currentColor"/>`,
     width: 14,