Custom OAuth Apps
Register your own OAuth applications for branded consent screens and custom scopes.
By default, Weavz provides pre-configured OAuth credentials for supported integrations. Custom OAuth apps let Team, Scale, and Enterprise organizations use their own provider credentials instead, giving you control over branding, scopes, consent screens, compliance approval, and provider quota.
Why Use Custom OAuth Apps
- Branded consent screens — users see your app name instead of "Weavz"
- Custom scopes — request only the permissions your app needs
- Different environments — separate OAuth apps for development, staging, and production
- Compliance — some organizations require using their own OAuth credentials
- Rate limits — use your own API quota instead of shared platform limits
Registering an OAuth App
Step 1: Create the App with the Provider
First, create an OAuth application in the third-party service's developer portal:
- Go to the provider's developer settings (e.g., Slack API, GitHub Developer Settings)
- Create a new OAuth application
- Set the redirect URL to your Weavz instance's connect callback URL:
text
https://platform.weavz.io/api/v1/connect/oauth-callback - Note the Client ID and Client Secret
Step 2: Register with Weavz
Open Settings
Navigate to Settings > OAuth Apps in the Weavz dashboard.
Register a new OAuth app
Click Register OAuth App and select the integration (e.g., Slack, GitHub).
Enter credentials
Paste the Client ID and Client Secret from the provider's developer portal.
Configure scopes (optional)
Enter custom scopes if you want to override the defaults. Leave blank to use the integration's default scopes.
Register
Click Register. You can then select this tenant-owned OAuth app on a workspace integration or connect-token request.
Plan Availability
Custom OAuth apps are available on Team, Scale, and Enterprise. Free and Pro organizations can still use platform-managed OAuth apps where Weavz has configured them, but cannot create or use tenant-owned OAuth apps.
Optional Configuration
Some OAuth providers use non-standard endpoints or require additional parameters. When registering your OAuth app in the dashboard, you can optionally configure:
| Field | Required | Description |
|---|---|---|
integrationName | Yes | The integration this OAuth app is for |
clientId | Yes | OAuth Client ID from the provider |
clientSecret | Yes | OAuth Client Secret from the provider |
authUrl | No | Custom authorization endpoint URL. Must be public HTTPS. |
tokenUrl | No | Custom token exchange endpoint URL. Must be public HTTPS. |
scope | No | Space-separated OAuth scopes to request |
extraParams | No | Additional parameters to include in the auth request |
Redirect URL Configuration
When creating your OAuth application with the provider, set the redirect URL to:
https://platform.weavz.io/api/v1/connect/oauth-callbackFor enterprise on-premise deployments, replace platform.weavz.io with your dedicated API URL. Contact sales for details.
Selection
Registering a tenant-owned OAuth app does not automatically replace Weavz-managed OAuth for every new connection. New OAuth workspace integrations and connect sessions use Weavz-managed OAuth by default.
To use a tenant-owned OAuth app, select oauthAppMode: "custom" and pass the app's real oauthAppId on the workspace integration or hosted connect token. When hosted connect is launched with workspaceIntegrationId, it inherits that configured workspace integration's OAuth app policy.