Connected Apps

Connected Apps is where you enable catalog integrations for the org, configure their OAuth apps, and control what each tool is allowed to do. Provider Secrets holds the credentials agents use for external services, including ERP systems.

Open Organization Settings > Connected Apps. Each catalog app shows a status chip encoding both state and capability: Enabled with Read / Write (green, it can act), Enabled with Read-only (amber, it sees but cannot act), Setup required, Not enabled, or Failed (red). Members connect their own accounts from their personal Settings > Connected Apps page, where the chip describes their link rather than org state.

Enabling an app

The Connected Apps admin page with catalog app tiles and their status chips
Status chips carry state and capability in one glance: enabled, read-only, setup required, failed.
  1. 1For OAuth apps, open the setup form and enter the client ID, client secret, and scopes from your app registration, then enable it.
  2. 2Members then click Connect on their personal Connected Apps page to link their own account.
  3. 3Credential-less apps such as Knowledge Base enable with one click and are available to everyone immediately, no per-user connect.

If an OAuth connection fails, the outcome surfaces once as a toast with the failure message when you return to the page: no silent token-exchange failures.

GitHub

The GitHub tile shows the OAuth app, approved GitHub organizations, and how many members have linked their accounts. Manage the org allowlist via the Git Access panel on the card; from there, Install App redirects you to GitHub to install the GitHub App on an approved org. Installation rows show Active or Pending install status, and the project repository picker only offers repos from approved orgs. Jira gets a similar dedicated connection panel.

Tool permissions and approval cards

Per tool, choose how it behaves when a run acts as a user: Always allow, Needs approval, or Blocked. You can also disable a tool org-wide, which locks it for every member. Tools are grouped by read versus write capability, and members can tighten (but not bypass) the org default for themselves.

A tool set to Needs approval raises an approval card in chat when an agent tries to call it: the run pauses, the card shows what the tool wants to do with technical details available, and nothing executes until you decide. Approvals are single-use and time-boxed; an expired approval counts as a deny. Blocked tools fail closed.

In-chat approval card for a connected app tool call
Needs approval means exactly that: the call waits on the card, and expiry counts as a deny.

Provider Secrets

Organization Settings > Provider Secrets holds API credentials agents use directly, organized by category: AI model providers, search, cloud providers, and ERP & Finance, which covers NetSuite (token-based auth: account ID, consumer key and secret, token ID and secret) and SAP S/4HANA Cloud (API host, communication user, password, and an optional communication scenario ID). Each field documents the exact vendor menu path to find the value. Secrets are write-only: there is no show or hide toggle, and saved values are never displayed back.

The Provider Secrets admin page with credential categories for AI providers, search, cloud, and ERP & Finance
A write-only vault: keys go in, never come back out, and agents use them without ever seeing them.

With NetSuite configured, agents gain read-only ERP tools (SuiteQL queries and record lookups) that dispatch through the platform API using the org vault, subject to the same tool permission modes as everything else.