OAuth for Plugin
OAuth 2.0 Authentication in Trueseek Plugins
Trueseek Plugins support OAuth 2.0 authentication, allowing plugin developers to create integrations that act on behalf of the user using their account. This authentication method simplifies interactions with external services that require OAuth authentication.
Example Plugins with OAuth:
A Google Calendar plugin that enables the AI to read events from a user's Google Calendar.
A Slack messaging plugin that allows the AI to send messages to a user’s Slack channel.
Key Terms
Plugin Developer: The person who creates the Google Calendar plugin.
Admin User: The person who is the admin of a Trueseek instance (Trueseek Custom). This person has access to the admin panel to create new AI agents and install new plugins.
End User: The person who uses the Trueseek instance, chats with the AI models, and uses the AI agents and plugins created by Admin users.
💡 Looking for a step-by-step guide? Read our tutorial: create a Google Calendar plugin with OAuth 2.0.
Overview and Facts
Creating a plugin with OAuth requires the plugin developer to set up the Authorization URL, Token URL, and Scopes. These URLs vary depending on the OAuth provider used.
When installing a plugin with OAuth, the plugin will require the OAuth Client ID and OAuth Client Secret. The admin user installing the plugin will need to set up these credentials with their own OAuth app.
When the plugin is being used by end users, they will need to authorize it first. The authorization process is handled automatically by Trueseek.
Plugin developers can use the {OAUTH_PLUGIN_ACCESS_TOKEN} variable in their plugin source code as a placeholder for the user’s access token. If the user hasn't authorized the plugin or if the access token has expired, the variable will hold an empty value.
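The empty-token case described above, handled in a Google Calendar read plugin so that it fails closed instead of sending an unauthenticated request. This is an added example, not Trueseek's own code: it assumes the placeholder is substituted as text before the plugin runs, and every function and constant name is hypothetical.

```javascript
// Added example: names other than {OAUTH_PLUGIN_ACCESS_TOKEN} are hypothetical.
// Assumption: the host replaces the placeholder text before the plugin runs.
const ACCESS_TOKEN = "{OAUTH_PLUGIN_ACCESS_TOKEN}";
const EVENTS_URL = "https://www.googleapis.com/calendar/v3/calendars/primary/events";
const REAUTH = "Google Calendar is not authorized or the session expired. Authorize the plugin and retry.";

// Empty value = not authorized or expired (per the page). An unsubstituted
// placeholder is treated the same way so the literal is never sent upstream.
function usableToken(raw) {
  const t = typeof raw === "string" ? raw.trim() : "";
  return t === "" || /^\{.*\}$/.test(t) ? null : t;
}

// Build the request, or fail closed before any network call is made.
function buildEventsRequest(rawToken, { timeMin, maxResults = 10 } = {}) {
  const token = usableToken(rawToken);
  if (!token) return { ok: false, error: REAUTH };
  const url = new URL(EVENTS_URL);
  url.searchParams.set("singleEvents", "true"); // required for orderBy=startTime
  url.searchParams.set("orderBy", "startTime");
  url.searchParams.set("maxResults", String(Math.min(Math.max(1, maxResults | 0), 50)));
  const d = new Date(timeMin || NaN);
  if (!Number.isNaN(d.getTime())) url.searchParams.set("timeMin", d.toISOString());
  return { ok: true, url: url.toString(), headers: { Authorization: `Bearer ${token}` } };
}

// Map the provider's answer to what the model sees; never echo the token or raw body.
function interpretResponse(status, body) {
  if (status === 401) return { ok: false, error: REAUTH }; // expired or revoked in flight
  if (status === 403) return { ok: false, error: "Access denied by the provider; the granted Scopes may not cover this call." };
  if (status < 200 || status >= 300) return { ok: false, error: `Calendar API returned HTTP ${status}.` };
  const items = Array.isArray(body && body.items) ? body.items : [];
  return {
    ok: true,
    events: items.map((e) => ({
      summary: e.summary || "(no title)",
      start: (e.start && (e.start.dateTime || e.start.date)) || null,
    })),
  };
}

// Plugin entry point (hypothetical name); fetchImpl is injectable for testing.
async function listCalendarEvents(params, fetchImpl = globalThis.fetch) {
  const req = buildEventsRequest(ACCESS_TOKEN, params);
  if (!req.ok) return req;
  const res = await fetchImpl(req.url, { headers: req.headers });
  return interpretResponse(res.status, await res.json().catch(() => null));
}
```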
Here’s a diagram of the full flow:
OAuth in the Trueseek License Version
If you're using the license version of Trueseek (individual version), the setup is almost identical, with a few important differences:
You must provide the OAuth app yourself before using the plugin. In this version, you act as both the admin user and the end user (since there is no admin user in the Trueseek license version).
During authentication, all steps of the OAuth flow occur on the client side (your browser). Since the Trueseek license version doesn't have a server or backend, some OAuth providers may not support this behavior. However, OAuth with Google has been successfully tested in this setup.
The Trueseek License Version is intended for single-user use. We recommend using Trueseek Custom if you want to share access with other users securely.
💡 Note: The Trueseek License Version doesn’t include a built-in OAuth app for plugins. This ensures that we (Trueseek) do not have access to your account after you authorize, keeping your data secure. Our goal is to make the Trueseek License Version a truly static web app where all of your data is stored locally on your device.
By using your own OAuth credentials, you can still take advantage of all OAuth features without providing access to your data.