Open Connector

Open Connector

Connect an AI agent to user-owned services without putting credentials in agent code.

Open Connector is a credential broker for AI agents. It keeps third-party credentials at the broker boundary, while your application or agent gets only the ability to connect an account and call an allowed tool.

Start with the hosted console; self-host when you need to run the broker in your own environment. Both paths use the same project, connection, and tool-call model.

How it works

  1. Your agent authenticates with a project API key.
  2. Open Connector resolves a connected account and injects its credential server-side.
  3. The provider API receives the request; the agent receives the result, not the credential.

Choose your path

What it provides

FeatureDetail
Encrypted vaultAES-256-GCM at rest; self-hosted instances control CONNECTOR_ENCRYPTION_KEY
Composio SDK compatibleDrop-in replacement — same SDK, one baseURL change
Multi-auth typesOAuth2 (PKCE + refresh), API_KEY, and BASIC auth all supported
Tamper-evident audit trailSHA-256 hash chain — any tampered record breaks the chain
Self-hostableYour Postgres, your OAuth apps, your keys — no vendor lock-in
Open sourceFork it, audit it, contribute to it — see LICENSING.md
Agent-native authx-api-key header with scoped metadata per Project

Connector catalog

The catalog contains connector definitions and their available auth methods. A connector becomes usable only when its auth method is available on the target instance and you create an auth config for it. Browse Connectors before building against a provider.

Get started

Documentation map

  • Start here — SaaS quick start and the tenancy model.
  • Build agents — API keys, connections, tools, and Composio SDK compatibility.
  • Self-hosting — local development, environment configuration, database operations, and the AWS production runbook.
  • API reference — live OpenAPI and Scalar endpoints plus the broker surface.

On this page