Skip to content
Specor

Live Metrics

A Metric node usually captures an intention — a name, a unit, a target value, and a direction (up or down). The live metrics integration makes it real: connect an analytics provider, bind a Metric to an actual query, and Specor shows the current value on the node and on a metrics dashboard, compared against its target.

This is the first time real-world data flows into your product graph: a Feature’s success metric reading “4.2% vs a 6% target — off track” instead of a number someone typed last quarter.

Supported providers

ProviderStatusCredentials
PostHogAvailablePersonal API key + project ID (+ host)
Google Analytics 4AvailableService-account key (JSON) + property ID
Amplitude, MixpanelPlanned

Providers sit behind a common adapter, so a single workspace can connect more than one at once and bind different metrics to different providers — one dashboard, every source.

How it works

  • Credentials are per-workspace and encrypted at rest. An admin connects a provider in Settings → Integrations. Secrets (the PostHog API key, the GA4 service-account key) are encrypted with an app-held key, never logged, and never returned — only a masked hint or the non-secret identifiers (project/property ID, service-account email) are shown.
  • Bindings are versioned. Pointing a Metric at a provider query is stored as a normal change in the metric’s history — diffable and rollback-safe, just like editing any other field. Editors can bind; viewers can read.
  • Values are observations, not facts. Live values are fetched on demand, cached, and refreshed in the background. They are never written to the event log — that would pollute your product’s canonical history. The cache keeps a short history for sparklines.
  • Outages degrade gracefully. If a provider is slow or down, Specor shows the last cached value flagged as stale rather than hanging or erroring.

Live metrics are a paid-plan feature (Team and above) and use no AI credits — binding is manual.

Connecting PostHog

  1. In Specor, go to Settings → Integrations and open the PostHog card (you must be a workspace admin).
  2. Create a personal API key in PostHog (Settings → Personal API keys) with read access to Insights/Queries, scoped to the project you want to read. Note: project keys (phc_…) are write-only and won’t work — you need a personal key (phx_…).
  3. Paste the key, enter your Project ID (Settings → Project, or the /project/<id> URL), set the Host (e.g. https://us.posthog.com), and click Connect.
  4. Use Test connection to confirm the credentials work.

You bind PostHog metrics to insights — the existing trends/insights in your project.

Connecting Google Analytics 4

  1. In Google Cloud, create a service account and download a JSON key, then enable the Google Analytics Data API for that project.
  2. In GA4 → Admin → Property Access Management, add the service account’s email as a Viewer.
  3. In Specor, open the Google Analytics 4 card in Settings → Integrations, enter the numeric Property ID (Admin → Property Settings), paste the full service-account JSON key, and click Connect.
  4. Use Test connection to verify.

You bind GA4 metrics to a metric name (e.g. activeUsers, conversions, sessions), evaluated over a date range.

Binding a Metric

  1. Open a Metric node and find the Live value card.
  2. Click Bind to provider. If more than one provider is connected, pick which one, then choose the insight (PostHog) or metric (GA4).
  3. Specor fetches the current value immediately and shows it against the metric’s target, with an on-track / off-track badge derived from the target value and direction.

To stop tracking, open the metric and choose Unbind — the metric stays in your graph and on the dashboard, just no longer connected to a provider.

The Metrics dashboard and Overview

  • The Metrics tab lists every Metric in your product. Connected ones show their live value vs. target; the rest appear as Not connected and are ready to bind.
  • The Overview tab surfaces a compact health glance of connected metrics, highlighting any that are off track.

Security

  • Provider credentials are encrypted at rest and never returned to clients.
  • Admins connect/disconnect a provider and test the connection; editors bind metrics; viewers can read values.
  • Outbound provider calls are timed out, size-capped, and host-restricted (SSRF-protected); responses are validated and coerced to numbers before storage.