Security
Encryption, audit trail, and threat model details.
Open Connector exists to keep credentials out of your agents. Everything in this section explains how that guarantee is enforced: how tokens are encrypted at rest, how every credential use is recorded in a tamper-evident journal, and how to migrate an existing Composio setup without exposing secrets.
In this section
Credential Vault
How Open Connector encrypts and stores OAuth tokens and API keys with AES-256-GCM.
Audit Trail
Every credential use is recorded in a tamper-evident, hash-chained audit journal.
Migrating from Composio
Step-by-step guide to move from Composio to a credential store you own.
The threat model in one line
Your raw tokens never leave your infrastructure. Agents authenticate with a scoped x-api-key; Open Connector resolves the real credential from an encrypted vault, calls the upstream API on the agent's behalf, and returns only the scoped response — never the credential itself.
The encryption key (CONNECTOR_ENCRYPTION_KEY) lives only in your server process. Even with direct database access, stored credentials are unreadable without it.