API configurations are listed in the providers.yaml file, located in the Nango GitHub repository .
Examples Hubspot Salesforce Google Notion Linear Slack hubspot : display_name : HubSpot categories : - marketing - support - crm auth_mode : OAUTH2 authorization_url : https://app.hubspot.com/oauth/authorize token_url : https://api.hubapi.com/oauth/v1/token connection_configuration : - portalId post_connection_script : hubspotPostConnection webhook_routing_script : hubspotWebhookRouting proxy : base_url : https://api.hubapi.com decompress : true paginate : type : cursor cursor_path_in_response : paging.next.after limit_name_in_request : limit cursor_name_in_request : after response_path : results docs : https://docs.nango.dev/integrations/all/hubspot All configuration fields Looking for the JSON Schema, find it in our
GitHub Allows to extend the configuration of another API.
The display name of the provider, used in the UI.
The authentication mode. Must be one of: “API_KEY”, “APP”, “APP_STORE”, “BASIC”, “NONE”, “OAUTH1”, “OAUTH2”, “OAUTH2_CC”, “CUSTOM”, “TBA”, “JWT”, “BILL”, “TWO_STEP”, “SIGNATURE”.
Authentication configuration. The response type for authentication.
The authorization method. Must be header
Query parameters of the authorization request. Possible value: “offline”
Possible values: “auto”, “force”
Possible value: “permanent”
Whether to force verification
A unique string to be included in the request
Possible value: “consent”
The URL to get the OAuth 2 credentials from the external API.
authorization_url_encoded
Should the authorization_url be encoded or not
authorization_url_replacements
An object containing key-value pairs for replacements in the authorization URL.
The format of the request body. e.g: json
An array of strings representing the categories of the API.
An array of strings representing the connectionConfig that are automatically populated by post-connection scripts.
Whether to decode the URL or not.
The minimum list of scopes that are necessary to connect to the API.
Disables the PKCE extension to the Authorization Code flow. The URL to the developer API documentation.
The URL to the end user documentation (e.g: how to connect).
The name of the script to run after a connection is established.
Proxy configuration for the API. The base URL for the API.
Whether to decompress the response.
Headers to be sent with each request.
Pagination configuration. The name of the cursor parameter in the request.
The path to the cursor value in the response.
The name of the limit parameter in the request.
The rel attribute of the link header for pagination.
link_path_in_response_body
The path to the link in the response body.
The name of the offset parameter in the request.
offset_calculation_method
The method to calculate the offset in the request. Must be one of: “per-page” or “by-response-size”. Optional parameter that defaults to “by-response-size”.
The starting value for the offset.
The path to the paginated data in the response.
The type of pagination. Must be one of: “link”, “cursor”, “offset”.
Query parameters to be sent with each request.
Retry configuration. The name of the rate-limit header, e.g. after: 'X-Rate-Limit-Reset'
The name of the rate-limit header, e.g. at: 'x-ratelimit-reset'
Configure a HTTP call to verify if credentials are valid, only used for API Key and Basic auth. The HTTP method for verification. Must be either “GET” or “POST”.
The endpoint for verification.
Override the base URL for verification.
Headers for the verification request.
The metadata to capture from the callback request.
The URL used for refreshing the access token. Defaults to the token_url
Parameters used for refreshing the access token. The grant type for refreshing the token. Must be “refresh_token”.
An object containing request parameters to pass to an authorization request.
The URL for making API an authorization request.
The separator used between scopes in the authorization request.
Defaults to space, but some APIs sur , or +.
The signature method used for OAuth 1.0. Must be either “HMAC-SHA1” or “PLAINTEXT”.
A buffer time (in seconds) before the token expiration to trigger a refresh.
Parameters used for obtaining the access token. The grant type for obtaining the token. Must be either “authorization_code” or “client_credentials”.
Additional request information for obtaining the token.
token_request_auth_method
The authentication method used for token requests. Must be either “basic” or “custom”.
The unit of time for token expiration. Must be “milliseconds”.
An array of strings representing metadata from the token response that will be saved in connection.metadata.
The URL to get the OAuth 2 credentials from the external API.
Should the token_url be encoded or not
webhook_user_defined_secret
Wether the webhook secret is set by the user.
Specifies a script to handle external webhooks . authorization_url_fragment
Specifies a fragment to be appended to the authorization URL, typically used to modify the redirection flow or pass additional information in the URL before the query parameters.
The list of properties available in ${connectionConfig} and their validation. The type of this value. Must be “string”.
The description of this value.
An example of valid value to display in a UI.
A regex pattern for the credential.
The special format of this value (e.g: hostname, uri)
The order in which this field should be displayed in a UI
The documentation section relative to docs_connect
The list of credentials and their validation, only filed if necessary (e.g: API_KEY, BASIC) The type of the credential. Must be “string”.
The title of the credential.
The description of the credential.
An example of the credential.
A pattern for the credential.
The format of the credential.
The documentation section for the credential.
