This topic was automatically generated from Slack. You can find the original thread here.
Quick question: when managing external-user workflows for Gmail, Google Drive, Slack, and Notion, do we need to bring our own custom OAuth client for each service?
Check the uses cases for Pipedream vs. Custom OAuth clients: OAuth Clients - Pipedream
Hey , @U05A7KLNALC
We’re working on integrating workflows involving services like Gmail, Google Drive, Slack, etc., where we want to enable our platform users to automate tasks via Pipedream workflows.
Our goal is to allow users to configure all necessary authentications directly within our platform, so workflows can run seamlessly without them needing to visit Pipedream separately. Initially, we planned to leverage Pipedream’s built-in OAuth handling for this.
However, based on the documentation, it seems that in order to support external users and access their data through these services, we’ll need to use our own custom OAuth clients for each integration. Could you confirm if that’s correct, and whether there are any exceptions or best practices we should be aware of?
Thanks!
Yes, your understanding is correct: when you want your external users to connect their own Gmail, Google Drive, Slack, Notion, etc. accounts via your platform (not directly on Pipedream), you must bring your own custom OAuth client for each service. ### Details and Confirmation - From the docs: > When using OAuth apps (like Google Drive, Slack, Notion, etc.) with your end users, you must use your own custom OAuth clients. - Why? Pipedream’s built-in OAuth clients are intended for use within the Pipedream UI or for your own account. They cannot be used to connect external users’ accounts via your platform for workflow automation. - What you need to do: 1. Register your own OAuth app with each third-party service (Gmail, Google Drive, Slack, Notion, etc.). 2. Add your OAuth client credentials to Pipedream. 3. Use your oauthAppId when connecting accounts for your users. ### Exceptions - Internal/Single-User Use: If you are only connecting your own accounts (not external users), you can use Pipedream’s built-in OAuth clients. - Prebuilt Tools/Embed: For some “prebuilt tools” or embedded actions, Pipedream’s OAuth client may be used, but for user-specific workflow automation, you must use your own client. ### Best Practices - Register separate OAuth apps for each integration (Gmail, Google Drive, Slack, Notion, etc.). - Limit OAuth scopes to only what your workflows require. - Follow each provider’s branding and security guidelines when registering your OAuth app. - Add your OAuth client credentials to Pipedream as described in the docs. - Test the OAuth flow end-to-end with a test user before rolling out to production. ### References - Pipedream Managed Auth Docs - Pipedream OAuth Client Requirements If you have any more questions or run into issues, feel free to ask or visit Support - Pipedream for more support options.
You won’t need custom OAuth clients for pre-built tools in our registry
Or when using the Connect API Proxy