API Auth connects your app to 500+ APIs.

Connection flow with Nango's pre-built Connect UI

When should you use API auth?

  • You want users to connect their external accounts to your app
  • You want to avoid building OAuth flows, API key guides, and token refresh logic yourself
  • You want a white-label connection experience for your users
All Nango customers use API auth. Everything else, Syncs, Actions, and Webhooks, builds on it.

Key facts

  • Supports dozens of auth methods: OAuth 2.0, 2.1, API key, basic auth, and custom auth models
  • Securely stores all credentials with encryption at rest and in transit (learn more on our Trust center)
  • Automatically refreshes access tokens as needed to prevent expiration
  • Detects broken access tokens and notifies your backend via webhook
  • Fully white-label: Users authorize your app with no Nango branding
  • Full control: You always have access to your users’ API keys and access tokens
  • Provides detailed guides to help users find API keys and other required parameters (subdomain, project ID, etc.)
  • Automatically validates API keys and other credentials during connection
  • Anyone can contribute new APIs to Nango, or our team can add new APIs for you
  • All authorization attempts create detailed logs in Nango’s logs

How API auth works

  1. Configure the integration in your Nango dashboard
  2. Embed the auth flow in your application with our implementation guide
  3. Fetch credentials from Nango, or use them with Syncs, Actions, Webhooks, and our Proxy

API Auth in detail

What is a Connection?

Each time a customer connects an external account, this creates a Connection in Nango. You can think of a Connection in Nango as a set of credentials for an integration (e.g., a GitHub API access token). It’s up to you how you associate the Connection with objects in your application. You can link them to an account, a user, or any other object, such as a project or workspace. Which option is best depends on your integration’s use case and whether you want each user, account, etc., to set up the integration. Integrations in Nango always run in the context of a Connection. For example, if you define a Sync for your GitHub integration, this sync will run in the context of each GitHub connection in your account.

Adding support for new APIs

Nango is designed to make it fast and easy to add support for new APIs. If you need support for an API we don’t have yet, you can either:
  • Contribute support for it yourself (we take ~24h to review, merge, and deploy high-quality PRs)
  • Request support on the Slack community or your private Slack connect channel with Nango
    • We prioritize requests by plan. Free users can expect support for new APIs in 5-10 business days, Enterprise customers <48h

API auth demo

Watch a quick demo of the API auth flow and the detailed logs it creates.

OAuth token refresh & validity