Programmatic Auth Configs
Auth configs are created once and reused many times. However, when managing multiple toolkits, you may want to create auth configs programmatically.
- When creating and destroying auth configs multiple times in your app’s lifecycle.
- When creating auth configs for your users’ users.
OAuth2 based apps
Using Composio Default Auth
Since OAuth2 is the most common authentication type for applications, Composio provides managed auth for most OAuth2 based applications. This is to speed up development and prototyping. This means you don’t have to provide your own OAuth credentials.
The returned auth_config_id
should be stored securely in your database for future use to be created and destroyed multiple times.
You can also provide your own authentication details. The required credentials
and authScheme
depend on the auth type.
Using your own OAuth2 credentials
Setting up and using your own OAuth2 credentials is the recommended way when going to production or expecting high usage.
In this example, we’re using our own OAuth2 client ID and secret to create the auth config for Notion.
Specifying the authorized redirect URI The process of setting up your own OAuth2 credentials usually involves generating a client ID and secret and specifying the authorized redirect URI in the OAuth configuration.
The authorized redirect URI is the URI that captures the OAuth code that is returned to the app.
While doing so, you must ensure to set the authorized redirect URI in the OAuth configuration to:
Redirect URI for GitHub
Redirect URI for Google

Specifying scopes
Composio requests a set of appropriate default OAuth2 scopes for each toolkit wherever possible. However, you can override or modify these scopes by passing a scopes
field to the credentials
object.
Other auth types
Composio supports many applications that use different authentication types like API keys, Bearer tokens, JWT and even no authentication at all.
Generating the auth config for other auth types only has minor differences.
use_custom_auth
is used instead ofuse_composio_managed_auth
- The
credentials
field is used to pass the authentication details - The
authScheme
field is used to specify the auth type
Programmatically inspecting fields
In cases where you need to dynamically discover the exact field names and handle different auth schemes programmatically, you can inspect the auth config details first.
This works for all auth types.
and then inspect the required fields and specify them in the credentials
object.