Skip to main content
Deployed apps that integrate with external services (GitHub, Slack, Shopify, LLM providers, etc.) need credentials configured before users can use them. The framework provides admin and user interfaces for managing these credentials.

Admin service configuration

Admins configure service credentials at /admin/services. This page lists all services declared in the app’s scopes.json and shows their connection status.
Services list page
Access requires admin-level scopes.

Configuring a service

Click a service to configure it at /admin/services/:id. The configuration depends on the service’s auth type:
Auth typeAdmin configuration
OAuth2OAuth client ID and client secret from the provider
CustomService-specific fields (API keys, base URLs, etc.)
NoneNo configuration needed
Service configuration page
Admin-level service settings (base URLs, API versions, feature flags) are configured here as well. These settings are defined by the service’s SERVICE_CONFIGURATION_OPTIONS — see Service configuration for how services define these options.

User service connections

For services that use per-user credentials (OAuth2 services where each user connects their own account), users connect their accounts through the app’s connection panel.
User service connections

Credential models

ModelHow it works
Admin-configuredAdmin enters credentials once. All users share these credentials.
Per-userEach user connects their own account. Requests use the individual user’s credentials.
Either model can be used with any auth type — OAuth2 services can be configured at the admin level or per-user, and API key services can be shared or user-provided. App code does not need to know which model is in use. The service client resolves the correct credentials automatically based on the authenticated user’s context. See Services Framework for how services are defined, and Using a service for how apps consume them.