Open Connector
API Reference

API reference

Use the live OpenAPI and Scalar documents for exact request and response schemas.

Open Connector has two API planes. Pick the plane that matches the caller's identity—agents use a project API key; the console uses a signed-in user session.

Live API documents

DocumentURLAuthentication
Open Connector Scalar UIapi.openconnector.dev/api/v1/Project API key for protected operations
Open Connector APIapi.openconnector.dev/api/v1/spec.jsonPublic document
Console Scalar UIapi.openconnector.dev/api/v1/consoleBetter Auth session for protected operations

The server generates these documents from the same runtime API contracts used to handle requests. Use them instead of copying a static endpoint list: they are the authoritative schemas for the deployed version.

Agent plane

For existing Composio integrations, use the compatibility mount:

https://api.openconnector.dev/composio/api/v3.1/

Authenticate every broker request with a project API key:

curl "https://api.openconnector.dev/composio/api/v3.1/toolkits?limit=20" \
  -H "x-api-key: $OPEN_CONNECTOR_API_KEY"

The compatible surface includes connector discovery, auth configs, connected accounts, tool execution, and other deployed Composio-style routes. A route whose optional subsystem is not configured returns an explicit error rather than an empty success.

Common agent workflow

  1. Create an auth config for a connector.
  2. Create a connected account (or a hosted connect link) for your user.
  3. Execute a tool against that connection.
curl -X POST "https://api.openconnector.dev/composio/api/v3.1/tools/execute/GITHUB_CREATE_AN_ISSUE" \
  -H "x-api-key: $OPEN_CONNECTOR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "connected_account_id": "conn_...",
    "arguments": {"owner": "acme", "repo": "support", "title": "Brokered issue"}
  }'

See Connected Accounts and Calling Tools for the lifecycle and error-handling guidance.

Console plane

The documented Console API is mounted under /api/v1/console. It uses a Better Auth session cookie and is intended for the management console or trusted administrative tooling—not an AI agent.

Project API-key management, organizations, projects, billing, and settings all belong to this session-authenticated plane. For a programmatic workflow, inspect the Console Scalar UI so the route and request shape match the deployed contract.

Authentication boundaries

CallerCredentialScope
Agent / backend servicex-api-key: oc_...One project and its connections
Console userBetter Auth session cookieThe user's organization permissions
OAuth callbackSigned state created by the brokerThe in-progress connection only

Never send a project API key to an untrusted browser or use a console session cookie from agent code.

Self-hosted instances

Replace https://api.openconnector.dev with your server's public origin. The routes stay the same:

https://connector.example.com/api/v1/spec.json
https://connector.example.com/composio/api/v3.1/

Your OAuth callback base must also be publicly reachable; see Environment variables and Deploy to AWS.

On this page