TypingMind Plugins support OAuth 2.0 authentication type. This help plugin developers create plugins that act on behalf of the user using the userβs account.
This authentication type make it easy to work with external services that requires OAuth.
Some example plugins you can create using OAuth authentication:
- A Google Calendar plugin that allows the AI to read events from userβs Google calendar.
- A Slack message plugin that all allows the AI to send a message to the userβs Slack channel.
Glossary
Term | Description |
Plugin Developer | The person who create the Google Calendar plugin. |
Admin User | The person who is the admin of a TypingMind instance (TypingMind Custom), this person have access to the admin panel to create new AI agents and install new plugins. |
End User | The person who use the TypingMind instance, chat with the AI models, using the AI agents and plugins created by the Admin users. |
Looking for a step-by-step guide?
Read our tutorial: create a Google Calendar plugin with OAuth 2.0.
Overview and facts
- Creating a plugin with OAuth requires the plugin developer to setup Authorization URL, Token URL, Scopes. These URLs is be different depends on which OAuth provider is used.
- When install a plugin with OAuth, the plugin will requires setting up OAuth Client ID and OAuth Client Secret. The admin user who install the plugin will need to set this up with their own OAuth app.
- When the plugin is being used by the end users, they will need to authorize first. The authorization process is handled by TypingMind automatically.
- Plugin developer can use the
{OAUTH_PLUGIN_ACCESS_TOKEN}variable in their plugin source code as a placeholder for the userβs access token. If the user have not authorized or the access token has expired, the variable will hold an empty value.
Here is a diagram of the full flow:
OAuth in the TypingMind License version
If you are using the license version (individual version) at www.typingmind.com, everything is almost the same with some important difference:
- You must provide the OAuth app by your own before using the plugin. You are acting as both admin user and end user (because there is no admin user in the TypingMind license version).
- When authenticating, all steps of the OAuth authentication flow is run on the client side (your browser). The TypingMind license version does not have a server or a backend. Note that some OAuth providers may not allow this behavior. We tested the OAuth flow of Google and it seems to work on the browser side, but some other providers may not.
- The TypingMind License Version is intended for single-user use. We donβt recommend sharing the license version to other users as they will have access to your OAuth Client Secret, which is not secure.
- To share access to other users in a secure way, please use TypingMind Custom.
TypingMind License Version does not have a built-in OAuth app for plugins. This is because having an OAuth app means that we (TypingMind) will have access to your Google account after you authorize, and we donβt want to have access your data.
We are committed to make TypingMind License Version a truly static web app where all of your data is only stored locally on your device. By using your own OAuth credentials, you can still use all of the OAuth features without giving await access to your data.