Documentation
Get Started

OAuth Authentication

Connect Google, GitHub, and other OAuth-based apps to your workflows.

Many TogoFlow integrations use OAuth 2.0 — a secure authorization flow where you grant TogoFlow permission to act on your behalf without sharing your password.

Which apps use OAuth

Common OAuth-based integrations:

  • Google — Gmail, Sheets, Calendar, Drive, Docs, Slides
  • GitHub — repositories, issues, pull requests
  • Microsoft — Outlook, Teams, Excel, Word, PowerPoint
  • Slack — messaging and channels
  • Notion — pages and databases
  • Salesforce, HubSpot, Shopify, and others

Connecting via OAuth

From the workflow editor

  1. Add an Action or Start (App) node and select an OAuth-based app.
  2. Click Connect [App Name].
  3. A popup opens to the provider's login page (e.g. Google sign-in).
  4. Sign in and grant the requested permissions.
  5. The popup closes and your connection is saved.

During workflow execution

If a running workflow needs OAuth access you haven't granted yet, an Authentication Required modal appears. Click Connect and complete the same flow.

Google OAuth

Google integrations (Gmail, Sheets, Calendar, Drive, Docs, Slides) share a single Google OAuth connection:

  1. Click Connect Google on any Google app node.
  2. Sign in with your Google account.
  3. Grant access to the requested scopes (e.g. Gmail read/send, Sheets read/write).
  4. All Google app nodes in your organization use this connection.

Scopes determine what TogoFlow can do. For example:

  • Gmail Send Email requires send permission
  • Google Sheets Create Row requires spreadsheet write permission

Token management

  • OAuth tokens are stored securely per organization.
  • Refresh tokens renew access automatically — you don't need to re-authorize regularly.
  • If you revoke access from the provider's side (e.g. Google Account settings), you'll need to reconnect in TogoFlow.

Security best practices

  • Only grant permissions your workflow actually needs.
  • Use a dedicated service account or team email for production workflows.
  • Review connected apps periodically in your provider's security settings.
  • Credentials are never included in workflow exports.

Troubleshooting

ProblemFix
Popup blockedAllow popups for app.togoflow.ai in your browser
"Access denied"Ensure you have admin access to the target resource (e.g. the Gmail account)
Token expiredClick Connect again to re-authorize
Wrong account connectedDisconnect and reconnect with the correct account

HTTP Request fallback

For APIs that support personal access tokens but aren't in the integration catalog, use an HTTP Request node with a bearer token. See API Keys.