๐ Connection Overview
The connection system is built around two core components that work together to provide seamless app integration:App Groups Interface
A dropdown menu that organizes all available integrations by category, showing connection status and providing quick access to connect or disconnect apps.Connection Dialog
A secure authentication interface that handles different connection types including OAuth flows, API key authentication, and custom authorization methods.๐๏ธ Architecture
Connection Categories
Apps are organized into logical categories for better navigation:Google Workspace
Gmail, Google Drive, Google Docs, Google Sheets, Google Calendar, Google Meet, Google Maps, Google Slides
Communication
Slack, Microsoft Teams, Zoom, Outlook
Social Media
Twitter, LinkedIn, YouTube, Reddit
Productivity
Notion, Confluence, Jira, Miro, Canva, Calendly, HubSpot, Apollo, Klaviyo
SEO & Analytics
Moz, SerpAPI
E-commerce
Shopify
Utilities
TinyURL
Authentication Methods
The system supports multiple authentication approaches:1. OAuth 2.0 Flow (Composio-based)
Most integrations use OAuth 2.0 through the Composio platform for secure, standardized authentication. Apps using OAuth:- All Google Workspace apps (Gmail, Drive, Docs, Sheets, Calendar, Meet, Maps)
- Social media platforms (Twitter, LinkedIn, YouTube, Reddit)
- Communication tools (Slack, Microsoft Teams, Zoom, Outlook)
- Productivity apps (Notion, Confluence, Jira, Calendly, HubSpot, Klaviyo)
- Utilities (TinyURL)
2. Custom OAuth Implementation
Some apps use custom OAuth flows managed directly within the application. Apps using custom OAuth:- Miro: Direct OAuth 2.0 integration with Miroโs API
3. API Key Authentication
Certain services require API key authentication for direct integration. Apps using API keys:- Apollo: Sales intelligence platform API key
- Shopify: Admin API access token with shop domain
4. Pre-configured Services
Some integrations are pre-configured and donโt require user authentication. Pre-configured apps:- Moz: SEO tools (automatically available)
- Canva: Design platform (under development)
๐ Security Features
OAuth Security
All OAuth flows follow industry-standard security practices with PKCE (Proof Key for Code Exchange) where supported.
- State Parameter Validation: Prevents CSRF attacks during OAuth flows
- Secure Token Storage: Tokens are encrypted and stored securely
- Scope Limitation: Apps only receive the minimum required permissions
- Token Refresh: Automatic token renewal for expired credentials
API Key Protection
- Encrypted Storage: API keys are stored using browser security features
- Input Masking: Sensitive credentials are masked during input
- Secure Transmission: All API communications use HTTPS
- Local Storage: Keys are stored locally, never transmitted to external servers
Permission Management
- Explicit Consent: Users must explicitly approve each connection
- Granular Control: Individual app permissions can be managed
- Easy Disconnection: One-click disconnection from any service
- Audit Trail: Connection history and status tracking
๐ User Guide
Connecting an App
Access Connection Menu
Click the โConnect Appsโ button in the interface to open the connection dropdown menu.
Navigate Categories
Browse through categorized app groups or expand specific categories to find your desired integration.
Select Application
Click on the app you want to connect. The system will automatically determine the appropriate authentication method.
Complete Authentication
Follow the authentication flow specific to your chosen app:
- OAuth Apps: Redirected to the serviceโs authorization page
- API Key Apps: Enter credentials in the secure dialog
Managing Connections
Viewing Connection Status
- Green Checkmark: Successfully connected and ready to use
- Yellow Warning: App under construction or requires attention
- No Indicator: Not connected or available for connection
Disconnecting Apps
- Locate the connected app in the dropdown menu
- Click the red โXโ button next to the app name
- Confirm disconnection when prompted
- The app will immediately be disconnected and marked as available for reconnection
App-Specific Setup
Google Workspace Apps
Most Google services use standard OAuth 2.0 through Composio:- Click the app name
- Authorize in the Google consent screen
- Grant requested permissions
- Return to Reasoning Stack with active connection
Miro Integration
API Key Apps Setup
Apollo Configuration
Get API Key
Visit the Apollo Developer Portal and obtain your API key.
Shopify Setup
Prepare Shop Information
Youโll need your shop domain (e.g.,
your-shop.myshopify.com) and Admin API access token.Storage Mechanisms
- OAuth Tokens: Managed through secure context providers
- API Keys: Stored in encrypted browser localStorage
- Connection Metadata: Tracked in application state
- Session Data: Temporary storage for OAuth flows
Error Handling
The system includes comprehensive error handling:- Authentication Failures: Clear error messages and retry options
- Network Issues: Automatic retry mechanisms
- Invalid Credentials: Immediate feedback and correction guidance
- Permission Errors: Detailed explanations of required permissions
App-Specific Issues
Google Services
- Scope Conflicts: Ensure youโre granting all requested permissions
- Account Switching: Use the correct Google account for business vs personal use
- Admin Restrictions: Check if your organization allows third-party app connections
Shopify Integration
- Shop Domain Format: Must include
.myshopify.comsuffix - API Permissions: Ensure your access token has required scopes
- Store Status: Verify your Shopify store is active and accessible
Social Media Platforms
- Rate Limiting: Be aware of API rate limits for posting and engagement
- Account Verification: Some features require verified accounts
- Privacy Settings: Ensure your account allows third-party access
๐ Connection Lifecycle
Initial Connection
- App Selection: User chooses app from categorized menu
- Authentication: System initiates appropriate auth flow
- Authorization: User grants permissions on service platform
- Token Exchange: System securely exchanges auth codes for tokens
- Storage: Credentials are encrypted and stored securely
- Validation: Connection is tested and marked as active
Ongoing Management
- Token Refresh: Automatic renewal of expired tokens
- Health Checks: Periodic validation of connection status
- Permission Updates: Handling of changed app permissions
Disconnection Process
- User Initiation: User clicks disconnect button
- Token Revocation: System revokes tokens on service platform
- Local Cleanup: All stored credentials are removed
- State Update: Connection status is updated immediately
- Notification: User receives confirmation of disconnection