Guides

White-labeling authentication

White-labeling lets you use your own OAuth apps instead of Composio’s. Users will see your app name on consent screens instead of “Composio”.

By default, OAuth screens show Composio’s branding:

With white-labeling, they’ll see your app name and logo.

1

Create an OAuth app

Create a developer app in the toolkit’s developer portal. You’ll need the client ID and client secret. Set the callback URL to:

https://backend.composio.dev/api/v3/toolkits/auth/callback

For step-by-step guides on creating OAuth apps for some toolkits, see composio.dev/auth.

2

Create auth config

Create an auth config in the Composio dashboard:

  1. Go to Authentication managementCreate Auth Config
  2. Select the toolkit (e.g., GitHub)
  3. Choose OAuth2 scheme
  4. Enter your Client ID and Client Secret
  5. Select the scopes you need
  6. Click Create

Copy the auth config ID (e.g., ac_1234abcd).

For detailed instructions with screenshots, see Custom auth configs.

3

Use in Tool Router

Pass your auth config ID in the session:

1session = composio.create(
2    user_id="user_123",
3    auth_configs={
4        "github": "ac_your_github_config"
5    },
6)

When users connect GitHub, they’ll see your OAuth app’s name and logo on the consent screen.

Mixing custom and Composio-managed auth

You can white-label some toolkits while using Composio’s managed credentials for others:

1session = composio.create(
2    user_id="user_123",
3    auth_configs={
4        "github": "ac_your_github_config",
5        "slack": "ac_your_slack_config",
6        # gmail, linear, etc. use Composio managed auth
7    },
8)

Custom redirect domain

When users authenticate, they briefly see backend.composio.dev in their browser URL. Composio needs to receive the OAuth callback to capture and store the authentication tokens.

If you need to hide this URL (for enterprise compliance or complete white-labeling), you can proxy the redirect through your own domain:

  1. Set your OAuth app’s redirect URI to your domain:
https://yourdomain.com/api/composio-redirect
  1. Create an endpoint that forwards the OAuth callback to Composio:
1from fastapi import FastAPI, Request
2from fastapi.responses import RedirectResponse
3
4app = FastAPI()
5
6@app.get("/api/composio-redirect")
7def composio_redirect(request: Request):
8    # Forward all OAuth parameters to Composio
9    composio_url = "https://backend.composio.dev/api/v3/toolkits/auth/callback"
10    return RedirectResponse(url=f"{composio_url}?{request.url.query}")
  1. Update your auth config in the Composio dashboard to use your custom redirect URI:
Enter your custom redirect URI in the auth config

This makes the OAuth flow go through your domain first, then to Composio for token storage.