Connections
Add API key, basic auth, OAuth, and other auth methods to toolkit apps.
A connection is the authentication configuration users create once and reuse across actions and triggers. Define connections with toolkit factories, then register them on createApp({ connections: [...] }).
Connection ids must follow <app-id>_connection_<connection-name> (for example slack_connection_oauth2).
Connection factories
| Factory | Type | Typical use |
|---|---|---|
createApiKeyConnection | apiKey | Bearer or API key headers |
createBasicAuthConnection | basic auth | Username and password |
createOAuth2Connection | OAuth 2.0 | Authorisation-code style OAuth |
createOAuthProvider | OAuth provider metadata | Shared provider settings for OAuth flows |
createKeyPairConnection | key pair | Certificates or asymmetric keys |
createDatabaseConnection | database | Database credentials |
API key example
Using connections in actions
When the app has connections, actions default to requiring one. In run, read credentials from the injected connection argument (not from your own secrets store).
Set needsConnection: false on a specific action when that operation is public or otherwise unauthenticated.
App-level flags on createApp also matter:
isGlobal: when true, a shared default connection is used for the workspaceavailableForAgent: whether the app's actions appear for agents
OAuth notes
OAuth connections use the platform's browser-based connect flow. Custom portals that only hold an lna_ API key cannot complete interactive OAuth for end users through @lunnoa/client alone; users (or an admin) connect OAuth apps inside the Lunnoa UI.
For non-interactive types (API key, basic auth), the Public API can create connections via workflowApps.connect from @lunnoa/client.
Next
- Actions: set
needsConnectionand useconnectioninrun - Input config: fields on the connection form
- Packaging: register connections on
createApp