Guides/OAuth Credentials

OAuth Credentials

OAuth2 authentication flows for connecting agents to external services like Google, Slack, GitHub, and Notion.

How It Works

Open the agent's Credentials tab.

Click the OAuth provider button (Google, Slack, GitHub, or Notion).

Your browser redirects to the provider's authorization page.

After you approve access, the callback returns to Trinity.

Credentials are normalized to MCP-compatible format and injected into the agent.

•Google — Gmail, Calendar, Drive, and other Google Workspace services.

•Slack — Workspace access for messaging and channel operations.

•GitHub — Repository access, issues, pull requests.

•Notion — Page and database access.

Endpoint	Method	Description
/oauth/{provider}/authorize	GET	Start OAuth flow
/oauth/{provider}/callback	GET	OAuth callback handler

OAuth tokens are stored in Redis with AOF persistence. When an OAuth flow completes, Trinity:

Normalizes the token data to KEY=VALUE format for .env injection.

Regenerates the agent's .mcp.json with the new credentials.

Makes the credentials available to all MCP servers configured in the agent.

Agents do not need to handle OAuth flows directly. Trinity manages token acquisition and injection on their behalf.