Auth Configs
Enterprise-grade authentication management for all your integrations
Auth Configs is the central hub for managing authentication and credentials across all your integrations. Whether you're connecting to popular OAuth2 providers, enterprise databases, or custom APIs, Auth Configs provides secure, reusable credential management that powers your workflows and agents.
Centralized Credential Management
One secure location for all your authentication configurations
Overview
Auth Configs serves as the foundation for all authentication in FlowGenX. When you connect an application, create a workflow integration, or set up an agent toolkit, Auth Configs handles the secure storage and management of your credentials.
Why Auth Configs?
- Centralized Management: Store all credentials in one secure location
- Reusability: Use the same auth config across multiple connections and workflows
- Security: Enterprise-grade encryption and access control
- Automatic Refresh: OAuth tokens are automatically refreshed before expiration
- Audit Trail: Track who accessed what and when
Authentication Types
FlowGenX supports three primary categories of authentication configurations, each designed for different integration scenarios.
OAuth2 Provider
Connect with popular OAuth2 providers like Google, Microsoft, and Facebook, or configure your own.
Native Connector
Pre-built authentication forms for 100+ integrations including databases, message brokers, and cloud services.
Custom
Create custom authentication configurations for APIs with non-standard auth requirements.
OAuth2 Provider
OAuth2 Provider auth configs enable secure connections with platforms that support the OAuth 2.0 protocol. FlowGenX includes pre-configured support for the most popular providers, and you can add custom OAuth2 configurations for any compliant service.
Supported Providers
FlowGenX supports a wide range of OAuth2 providers out of the box:
Creating an OAuth2 Provider Config
- Navigate to Auth Configs: Go to Integration Studio → Auth Configs
- Click Create New: Select "OAuth2 Provider" as the type
- Select Provider: Choose from the list of supported providers or select "Custom OAuth2"
- Configure Credentials:
- Client ID: Your OAuth application's client ID
- Client Secret: Your OAuth application's client secret
- Scopes: Select the permission scopes required for your integration
- Authorize: Click the authorization button to complete the OAuth flow
- Save: Your auth config is now ready to use
Custom OAuth2 Configuration
For OAuth2 providers not in our pre-built list, you can create a custom configuration:
| Field | Description | Example |
|---|---|---|
| Authorization URL | The provider's authorization endpoint | https://auth.example.com/authorize |
| Token URL | The provider's token endpoint | https://auth.example.com/token |
| Client ID | Your OAuth application ID | your-client-id |
| Client Secret | Your OAuth application secret | your-client-secret |
| Scopes | Space-separated permission scopes | read write profile |
| Redirect URI | FlowGenX callback URL (auto-generated) | https://app.flowgenx.com/oauth/callback |
OAuth2 Features
- Automatic Token Refresh: Access tokens are automatically refreshed before expiration
- Scope Management: Request only the permissions your integration needs
- Secure Storage: Tokens are encrypted at rest and in transit
- Multi-Account Support: Connect multiple accounts from the same provider
Native Connector
Native Connectors provide pre-built, secure authentication forms for 100+ popular integrations. These connectors handle the complexity of connecting to databases, message brokers, file storage systems, and other enterprise services.
Supported Categories
Databases
Relational and NoSQL databases
PostgreSQL, MySQL, MongoDB, SQL Server, Oracle, Redis, Elasticsearch, and more
Message Brokers
Event streaming and messaging platforms
Kafka, RabbitMQ, Amazon SQS, Azure Service Bus, Google Pub/Sub, and more
File Storage
Cloud and on-premise storage solutions
AWS S3, Azure Blob, Google Cloud Storage, SFTP, FTP, Dropbox, and more
Enterprise Systems
ERP, CRM, and business applications
SAP, Salesforce, ServiceNow, Workday, NetSuite, and more
Creating a Native Connector Config
- Navigate to Auth Configs: Go to Integration Studio → Auth Configs
- Click Create New: Select "Native Connector" as the type
- Select Connector: Browse or search for your target system
- Fill Authentication Form: Complete the connector-specific form with your credentials
- Test Connection: Verify the connection works before saving
- Save: Your native connector auth config is ready
Connector Configuration Examples
PostgreSQL Database:
| Field | Description |
|---|---|
| Host | Database server hostname or IP |
| Port | Database port (default: 5432) |
| Database | Database name |
| Username | Database user |
| Password | Database password |
| SSL Mode | SSL connection mode (disable, require, verify-ca, verify-full) |
Amazon S3:
| Field | Description |
|---|---|
| Access Key ID | AWS access key |
| Secret Access Key | AWS secret key |
| Region | AWS region (e.g., us-east-1) |
| Bucket | S3 bucket name |
Kafka:
| Field | Description |
|---|---|
| Bootstrap Servers | Comma-separated list of brokers |
| Security Protocol | PLAINTEXT, SSL, SASL_PLAINTEXT, SASL_SSL |
| SASL Mechanism | PLAIN, SCRAM-SHA-256, SCRAM-SHA-512 |
| Username | SASL username |
| Password | SASL password |
Webhook Support
Native Connectors can include webhook configuration for connectors that support real-time triggers:
Custom Authentication
For APIs and services with non-standard authentication requirements, Custom auth configs provide flexible options to handle any authentication scheme.
Custom Auth Types
| Type | Description | Use Case |
|---|---|---|
| No Authentication | No authorization required | Public APIs, internal services |
| OAuth 2.0 | Manual OAuth 2.0 configuration | Custom OAuth providers not in our list |
| API Key | Simple API key authentication | Most REST APIs with key-based auth |
| Bearer Token | Token-based authentication | JWT tokens, access tokens |
| Basic Auth | Username and password authentication | Legacy systems, simple APIs |
No Authentication
Use this option for public APIs or internal services that don't require authentication.
{
"type": "no_auth",
"name": "Public Weather API"
}OAuth 2.0 (Manual)
Configure OAuth 2.0 manually for providers not in our pre-built list:
| Field | Required | Description |
|---|---|---|
| Authorization URL | Yes | OAuth authorization endpoint |
| Token URL | Yes | OAuth token endpoint |
| Client ID | Yes | OAuth client identifier |
| Client Secret | Yes | OAuth client secret |
| Scopes | No | Permission scopes (space-separated) |
| Auth Method | No | client_secret_post or client_secret_basic |
API Key
Simple key-based authentication with flexible placement options:
| Field | Description |
|---|---|
| API Key | Your API key value |
| Key Name | Header or parameter name (e.g., X-API-Key, api_key) |
| Location | Where to send the key: Header, Query Parameter, or Cookie |
Example Configuration:
{
"type": "api_key",
"name": "Stripe API",
"config": {
"api_key": "sk_live_...",
"key_name": "Authorization",
"location": "header",
"prefix": "Bearer " // Optional prefix
}
}Bearer Token
Token-based authentication commonly used with JWTs:
| Field | Description |
|---|---|
| Token | Your bearer token (JWT or opaque token) |
| Header Name | Custom header name (default: Authorization) |
| Prefix | Token prefix (default: Bearer ) |
Example Configuration:
{
"type": "bearer_token",
"name": "Internal Service Auth",
"config": {
"token": "eyJhbGciOiJIUzI1NiIs...",
"header_name": "Authorization",
"prefix": "Bearer "
}
}Basic Auth
Username and password authentication (Base64 encoded):
| Field | Description |
|---|---|
| Username | Authentication username |
| Password | Authentication password |
Basic Auth sends credentials with every request. Always use HTTPS to encrypt credentials in transit. Consider using more secure authentication methods like OAuth 2.0 or API keys when available.
Choosing the Right Auth Type
Use this guide to select the appropriate authentication type for your integration:
Managing Auth Configs
Viewing Auth Configs
All your auth configs are displayed in the Auth Configs section with:
- Name: Your custom name for the config
- Type: OAuth2 Provider, Native Connector, or Custom
- Provider/Connector: The specific provider or connector
- Status: Active, Expired, or Error
- Last Used: When the config was last used
- Connections: Number of connected apps using this config
Editing Auth Configs
You can update auth configs at any time:
- Click on the auth config to open details
- Click Edit to modify settings
- Update credentials or configuration
- Test the updated configuration
- Save changes
Changes to auth configs automatically propagate to all connected apps using that config. No need to update each connection individually.
Refreshing Credentials
For OAuth2 configs, you may need to re-authorize if:
- Tokens have expired and cannot be refreshed
- Permissions have been revoked
- Scopes need to be updated
Click Re-authorize to initiate a new OAuth flow.
Deleting Auth Configs
Before deleting an auth config:
- Check that no connected apps are using it
- Remove or reassign any dependent connections
- Click Delete and confirm
Deleting an auth config that is in use will break connected apps and workflows. Always verify dependencies before deletion.
Security Features
Encryption
All credentials are encrypted using industry-standard encryption:
- At Rest: AES-256 encryption for stored credentials
- In Transit: TLS 1.3 for all network communication
- Key Management: Regular key rotation and secure key storage
Access Control
Control who can view and manage auth configs:
| Role | View | Create | Edit | Delete |
|---|---|---|---|---|
| Admin | ✓ | ✓ | ✓ | ✓ |
| Developer | ✓ | ✓ | ✓ | – |
| Viewer | ✓ | – | – | – |
Audit Logging
All auth config operations are logged:
- Creation and deletion events
- Credential updates
- Authorization flows
- Access attempts
- Token refresh events
Best Practices
Use Descriptive Names
Name configs clearly (e.g., "Google Workspace - Marketing Team") to identify them easily.
Separate Environments
Create separate auth configs for development, staging, and production environments.
Minimize Scopes
Request only the OAuth scopes and permissions your integration actually needs.
Regular Rotation
Rotate API keys and credentials periodically to maintain security.
Test Before Use
Always test auth configs after creation to verify credentials work correctly.
Document Dependencies
Track which workflows and connections use each auth config for easier maintenance.
Troubleshooting
Common Issues
| Issue | Cause | Solution |
|---|---|---|
| OAuth flow fails | Invalid client credentials | Verify Client ID and Client Secret |
| Token expired | Refresh token invalid or revoked | Re-authorize the OAuth connection |
| Connection refused | Network or firewall issues | Check network connectivity and firewall rules |
| Invalid credentials | Incorrect username/password | Verify credentials with the source system |
| Permission denied | Insufficient scopes or permissions | Request additional OAuth scopes or permissions |
Testing Connections
Use the built-in test feature to diagnose issues:
- Open the auth config
- Click Test Connection
- Review the test results
- Check error messages for specific issues
- Update configuration and test again
Next Steps
Connected Apps
Use auth configs in app connections
App Gallery
Browse available integrations
HTTP Request Node
Use auth in API requests
MCP Hub
Expose apps as MCP tools
Summary
Auth Configs is your central hub for managing all authentication across FlowGenX:
- OAuth2 Provider: Connect with popular OAuth2 services like Google, Microsoft, and Salesforce, or configure custom OAuth2 providers
- Native Connector: Use pre-built authentication forms for 100+ databases, message brokers, file storage systems, and enterprise applications
- Custom: Create flexible authentication configurations for APIs with API keys, bearer tokens, basic auth, or no authentication
With enterprise-grade security features including encryption, access control, and audit logging, Auth Configs ensures your credentials are managed securely while providing the flexibility to connect to any service your workflows need.