Skip to content

Integrations

Connect external SaaS accounts to ph0ny so your agents and tools can act on your behalf.

What it is

The integration hub gives each developer a set of OAuth connections to external services. Once a connection is authorized, ph0ny stores an encrypted refresh token and exposes the connection to your agents and tools at runtime — they call the provider as you, with scopes you granted, without ever seeing the raw token.

  • Per-developer connections, scoped per provider.
  • Refresh tokens encrypted at rest.
  • Least-privilege scopes — connectors request only what their declared capabilities need.
  • Disconnect at any time; revocation removes the stored credential immediately.

Available connectors

  • Slack — send messages and read channels in your workspace.
  • Google — read and create Calendar events, list and read Drive files.
  • GitHub — read repositories and create issues on your behalf.
  • Notion — read databases and create pages in your workspace.
  • Stripe — read customer records and create charges via Connect.

Each connector advertises its capabilities (for example, send_message, create_calendar_event, create_issue) so tools can discover what they can do once a connection exists.

How to connect

  1. Open the integrations dashboard.
  2. Click Connect on the provider you want to authorize.
  3. Complete the OAuth flow at the provider — review scopes and approve.
  4. You'll be redirected back to the dashboard with the connection listed as active.

The OAuth callback is handled by ph0ny at /integrations/oauth/callback. State is encrypted and tied to your session, so the round-trip is safe to leave open.

Disconnecting

From the integrations dashboard, click the trash icon next to any connection. The encrypted credential is deleted immediately and any tool call that depends on it will fail until you reconnect.

Programmatic access

Coming soon. The platform will expose connections to agents and tools at runtime via a typed handle — your agent code asks for slack or google, and ph0ny injects an authorized client scoped to the calling developer. No tokens flow through your code.

In the meantime, connections are managed through the dashboard and consumed by ph0ny-built tools (builder, future agent kits) automatically.

API reference

The integration hub is currently dashboard-only. The routes below back the dashboard and use session-cookie auth — they are not yet exposed to API-key clients.

MethodPathDescription
GET/portal/integrations/manifestsList connectors configured on this deployment, with capabilities and scopes.
GET/portal/integrations/connectionsList the calling developer's active connections.
POST/portal/integrations/oauth/startBegin an OAuth flow for a provider; returns authorizeUrl to redirect the user.
DELETE/portal/integrations/connections/:idRevoke and delete a connection.

The OAuth callback at /integrations/oauth/callback is public by design — it re-establishes identity from the encrypted state row created at flow start.

Next steps

Built by ph0ny.