Files
2026-07-13 12:38:34 +08:00

7.3 KiB

Composio concept map

This is your always-on map of Composio's concepts and the canonical page for each. Use it to ground answers and to link the right page. Prefer these links over anything search_docs returns. Use the full bounded content from search_docs first, and call read_doc on the relevant page only when you need detail beyond that included content.

Core model

  • Session — the runtime context for one user. composio.create(userId) (or the canonical composio.sessions.create(...)) returns a session that ties together the user, toolkits, authentication, connected accounts, and a code-execution sandbox. By default it exposes meta tools the agent calls at runtime to discover, authenticate, and execute tools. → What is a session?
  • Configuring a session — filter toolkits and tools, set auth configs, select connected accounts, preload tools, the direct-tools preset, sandbox tier, and session methods (tools(), toolkits(), authorize()). → Configuring sessions
  • Sessions via MCP — create a session with { mcp: true } to expose session.mcp.url / session.mcp.headers for any MCP client. → Using sessions via MCP
  • Reusing sessions — sessions persist on the server; store the session ID and reuse with composio.use(sessionId), or update in place with session.update(...). → What is a session?

Tools and toolkits

  • Toolkit — a collection of related tools for a service (e.g. github, gmail). A tool is one action, named {TOOLKIT}_{ACTION} (e.g. GITHUB_CREATE_ISSUE). Every toolkit is discoverable by default; restrict with the toolkits config. → Configuring sessions
  • Meta tools — the fixed set every session exposes (COMPOSIO_SEARCH_TOOLS, COMPOSIO_GET_TOOL_SCHEMAS, COMPOSIO_MANAGE_CONNECTIONS, COMPOSIO_MULTI_EXECUTE_TOOL, COMPOSIO_REMOTE_WORKBENCH, COMPOSIO_REMOTE_BASH_TOOL). → Meta tools reference
  • Providers — adapter packages that format Composio tools for a framework (OpenAI, Anthropic, Vercel AI SDK, LangChain, Mastra, Pi, …). → Providers
  • Is a toolkit / integration supported? Composio has 1000+ toolkits, and search_docs indexes the catalog. A matching /toolkits/<slug> result means yes, it's supported — answer from the returned content when sufficient, call read_doc only for more details, and point the user at the toolkits directory. If nothing matches, it isn't a built-in toolkit; suggest proxy execute or a custom tool for an API you already have.

Authentication

  • How auth works — Composio uses Connect Links (hosted auth pages) and auth configs (per-toolkit blueprints) to create connected accounts (stored credentials) scoped to a userID. This is the page for "how does authentication work". → Authentication
  • Auth schemes / modes — a toolkit's auth config uses one of OAUTH2, API_KEY, BEARER_TOKEN, or BASIC. When you mention a toolkit's auth mode, link the reference rather than explaining it inline. → Auth schemes for what each mode is and when it's used, Authentication for how auth works overall, and Managed vs custom auth for choosing or bringing your own scheme.
  • In-chat auth — the agent prompts the user to connect via COMPOSIO_MANAGE_CONNECTIONS. → In-chat authentication
  • Manual auth — generate Connect Links yourself with session.authorize(). → Manually authenticating users
  • Managed vs custom auth — use Composio's managed OAuth apps, or bring your own for branding/scopes. → Managed vs custom auth
  • White-labeling — remove Composio branding from the auth flow. → White-labeling authentication
  • Importing existing connections — pass in API keys or bearer tokens you already hold. → Importing existing connections
  • Multiple accounts per user — e.g. work and personal Gmail. → Managing multiple connected accounts
  • Shared connections — share one connected account across users via an ACL. → Shared connections

Triggers and webhooks

Extending sessions

  • Sandbox (previously "workbench") — a persistent Python environment at /mnt/files/ for bulk operations and large responses; files via session.experimental.files. → Sandbox
  • Custom tools and toolkits — define in-process tools that run alongside Composio tools. → Custom tools and toolkits
  • Proxy execute — call any toolkit HTTP endpoint with session.proxyExecute(...) and let Composio inject auth. → Proxy execute

Platform API (reference only)

These features are documented only in the API reference — there is no /docs guide. When asked how to do them programmatically, read and link the reference page (don't say it isn't documented).

  • Projects — Composio's multi-tenancy primitive. Inside an organization, projects are isolated environments that scope API keys, connected accounts, auth configs, and webhooks. Create, list, update, delete, and regenerate a project's API key via the API (using your organization API key). This is the page for "how do I programmatically create projects". → Projects
  • Logs — individual tool-execution events (one record per call) for debugging and tracing. → Logs
  • Files — files tools read and write during execution, exchanged via presigned URLs. → Files

Getting started and reference

Legacy — do not lead with these

Direct tool execution and the tools-direct/* pages are the legacy, pre-session API. Do not mention "direct execution" or link these pages unless the user explicitly asks about the low-level / direct-execution API. For everything else, answer with the session-based model above.