OAuth Integration
Secure third-party authentication for Gmail, Slack, and other services in your agents.
Overview
Fiberwise provides built-in OAuth 2.0 integration that allows your agents to securely authenticate with third-party services. This enables powerful integrations like reading emails, posting to Slack, accessing Google Drive, and more - all with proper user consent and token management.
🔗 Supported Services
📧 Gmail
Read emails, send messages
Access Gmail API with full scopes
💬 Slack
Send messages, read channels
Bot and user token support
📄 Google Drive
File access and management
Document processing workflows
🔧 Custom APIs
Any OAuth 2.0 service
Configurable endpoints
OAuth Flow
Fiberwise handles the complete OAuth 2.0 authorization code flow:
1️⃣ Registration
Register OAuth provider in Fiberwise
2️⃣ Authorization
User grants permission via redirect
3️⃣ Token Exchange
Exchange code for access tokens
4️⃣ Agent Access
Agents use tokens for API calls
Provider Setup
Configure OAuth providers through the web interface or API:
🔧 Gmail Setup
{
"name": "gmail",
"display_name": "Gmail Integration",
"client_id": "your-google-client-id",
"client_secret": "your-google-client-secret",
"authorization_url": "https://accounts.google.com/o/oauth2/auth",
"token_url": "https://oauth2.googleapis.com/token",
"scopes": ["https://www.googleapis.com/auth/gmail.readonly"],
"redirect_uri": "http://localhost:7001/api/v1/oauth/callback/gmail"
}💬 Slack Setup
{
"name": "slack",
"display_name": "Slack Integration",
"client_id": "your-slack-client-id",
"client_secret": "your-slack-client-secret",
"authorization_url": "https://slack.com/oauth/v2/authorize",
"token_url": "https://slack.com/api/oauth.v2.access",
"scopes": ["chat:write", "channels:read"],
"redirect_uri": "http://localhost:7001/api/v1/oauth/callback/slack"
}Agent Usage
Use OAuth credentials in your agents with automatic token management:
🐍 Python SDK
from fiberwise_sdk import FiberAgent
class EmailProcessorAgent(FiberAgent):
def __init__(self):
super().__init__()
# OAuth provider is automatically injected
self.oauth = self.get_oauth_provider()
def process(self, input_data):
# Get authenticated credentials for Gmail
gmail_creds = self.oauth.get_credentials("gmail")
if not gmail_creds:
return {"error": "Gmail not authenticated"}
# Use credentials to access Gmail API
import googleapiclient.discovery
service = googleapiclient.discovery.build(
'gmail', 'v1', credentials=gmail_creds
)
# Read recent emails
results = service.users().messages().list(
userId='me', maxResults=10
).execute()
return {
"message_count": len(results.get('messages', [])),
"authenticated": True
}User Authentication Flow
Users authenticate with third-party services through a simple web flow:
- Initiate - User clicks "Connect Gmail" in the web interface
- Redirect - Browser redirects to Google's authorization page
- Consent - User grants permissions to Fiberwise
- Callback - Google redirects back with authorization code
- Exchange - Fiberwise exchanges code for access/refresh tokens
- Storage - Tokens are securely stored for agent use
API Integration
Manage OAuth providers and connections via REST API:
🔗 Start OAuth Flow
curl -X POST http://localhost:7001/api/v1/oauth/authorize/gmail \
-H "Authorization: Bearer your-api-key"📋 List Connections
curl -X GET http://localhost:7001/api/v1/oauth/connections \
-H "Authorization: Bearer your-api-key"🗑️ Revoke Connection
curl -X DELETE http://localhost:7001/api/v1/oauth/connections/gmail \
-H "Authorization: Bearer your-api-key"Security Features
🔐 Token Security
- Encrypted token storage
- Automatic refresh handling
- Secure key rotation
- Expiration management
🎯 Scope Management
- Minimal required permissions
- User consent verification
- Granular access control
- Scope validation
📊 Audit Trail
- Authentication logging
- API usage tracking
- Failed attempt monitoring
- Compliance reporting