#[Solved ✅] what is the difference between "COMPOSIO_LINK" and "OAUTH2"?

1 messages · Page 1 of 1 (latest)

leaden juniper
#

I'm creating an integration dynamically for an action my agent chooses to use that does not have an integration setup. I know I can fetch the app and see a list of its supported schemes and use one there for the integration. My question is, what does "COMPOSIO_LINK" do exectly? Is that a link you return to me that I redirect my user to? I've used this for an app that uses OAUTH so the user see's the oauth flow, but what if the app does not have oauth, what does "COMPOSIO_LINK" do then?

const actionDetails = await getActionDetails(toolId)
    if (!actionDetails) {
      return
    }

    const config = {
      ...formatActionDetailsForPrompt(actionDetails),
      approvalNeeded: !(
        toolId.toUpperCase().includes('GET_') ||
        toolId.toUpperCase().includes('_GET') ||
        toolId.toUpperCase().includes('_FIND') ||
        toolId.toUpperCase().includes('FIND_') ||
        toolId.toUpperCase().includes('_SEARCH') ||
        toolId.toUpperCase().includes('SEARCH_') ||
        toolId.toUpperCase().includes('READ_') ||
        toolId.toUpperCase().includes('_READ') ||
        toolId.toUpperCase().includes('_LIST') ||
        toolId.toUpperCase().includes('LIST_')
      ),
      integration: actionDetails.appName,
    }

    if (actionDetails.no_auth) {
      return config
    }

    const result = await toolSet.integrations.list({
      appName: actionDetails.appName,
    })

    const integration = result.items[0]

    if (!integration) {
      const { result: app, error } = await attempt(toolSet.apps.get({ appKey: actionDetails.appKey }))

      if (error) {
        console.error('Error getting app params', error)
        return
      }

      if (!app) {
        console.error('Error getting app params', error)
        return
      }

      if (!app.no_auth) {
        await toolSet.integrations.create({
          appUniqueKey: actionDetails.appKey,
          name: `${actionDetails.appName}-managed`,
          authScheme: 'COMPOSIO_LINK',
          forceNewIntegration: true,
          useComposioAuth: true,
        })
      }
    }

    const isOauth = integration.authScheme.toLowerCase().includes('oauth')

    const auth: { status: 'CONNECTED' | 'DISCONNECTED'; authUrl: string | null; type: 'oauth' | 'key' } = {
      status: 'CONNECTED',
      authUrl: null,
      type: isOauth ? 'oauth' : 'key',
    }

    const entity = await toolSet.getEntity(userId)
    let connection = null

    try {
      connection = await entity.getConnection({ appName: actionDetails.appName })
    } catch (error) {
      console.log('Error getting connection', error)
    }

    if (!connection || connection.isDisabled || connection.status !== 'ACTIVE') {
      if (isOauth) {
        const connReq = await entity.initiateConnection({
          integrationId: integration.id,
          appName: actionDetails.appName,
          authMode: 'COMPOSIO_LINK',
          redirectUri: createUrl(`/api/composio/callback/${sessionId}`),
        })

        auth.authUrl = connReq.redirectUrl
        auth.status = 'DISCONNECTED'
      } else {
        auth.status = 'DISCONNECTED'
      }
    } else if (connection && connection.status === 'ACTIVE') {
      auth.status = 'CONNECTED'
    }

    return {
      ...config,
      auth,
    }
#

I'm essentially trying to enabled an integration for a user for a given action if I don't already have one set up. I need to determine what to show the user, a button that redirects for OAUTH flow, some fields to collect information for API key, etc. I know the app has the required fields on there to use, I have not gotten there yet. I'm setting the authScheme on the new integration to COMPOSIO_LINK right now, I know I probably should be setting this to a scheme from the app (or does every app have COMPOSIO_LINK?). But then when I create the connection, there is an authMode, also set to COMPOSIO_LINK. Just not sure how all of these correlate. Again, I just want to create an integration if its not there, if its OAUTH, I like have the link generated from you all that I can show the user. If the integration does not support OAUTH, that's fine, I want to collect and show the user the required fields needed to enabled this integration.

#

for instance, when I log the auth_schemes for Linear, I see oauth and apikey, I don't see composio link. so how do I know when / if I can use composio link, and what is it for exactly? I assume its composio generating a link to redirect a user to, then if its oauth, start that process, if its not, composio will show the user a form to collect the auth info?

leaden juniper
#

nvmd, I found what I needed in the old docs. however, still confused on what COMPOSIO_LINK authScheme is and why and when to use it. but no longer blocked. You guys should look into using Kapa: https://www.kapa.ai/. I'm an investor and can make an intro if you'd like

kapa.ai - Instant AI Answers to Technical Questions

Kapa.ai turns your knowledge base into a reliable and production-ready LLM-powered AI assistant that answers technical questions instantly. Trusted by 100+ startups and enterprises incl. OpenAI, Docker, Mapbox, Mixpanel and NextJS.

crisp peakBOT
#

Composio link auth is a custom auth we had created for one of our integrations. It is deprecated now and will be removed in the next version of the sdk!

leaden juniper
#

got it, thanks