7.3 KiB
Composio concept map
This is your always-on map of Composio's concepts and the canonical page for each. Use it to ground answers and to link the right page. Prefer these links over anything search_docs returns. Use the full bounded content from search_docs first, and call read_doc on the relevant page only when you need detail beyond that included content.
Core model
- Session — the runtime context for one user.
composio.create(userId)(or the canonicalcomposio.sessions.create(...)) returns a session that ties together the user, toolkits, authentication, connected accounts, and a code-execution sandbox. By default it exposes meta tools the agent calls at runtime to discover, authenticate, and execute tools. → What is a session? - Configuring a session — filter toolkits and tools, set auth configs, select connected accounts, preload tools, the direct-tools preset, sandbox tier, and session methods (
tools(),toolkits(),authorize()). → Configuring sessions - Sessions via MCP — create a session with
{ mcp: true }to exposesession.mcp.url/session.mcp.headersfor any MCP client. → Using sessions via MCP - Reusing sessions — sessions persist on the server; store the session ID and reuse with
composio.use(sessionId), or update in place withsession.update(...). → What is a session?
Tools and toolkits
- Toolkit — a collection of related tools for a service (e.g.
github,gmail). A tool is one action, named{TOOLKIT}_{ACTION}(e.g.GITHUB_CREATE_ISSUE). Every toolkit is discoverable by default; restrict with thetoolkitsconfig. → Configuring sessions - Meta tools — the fixed set every session exposes (
COMPOSIO_SEARCH_TOOLS,COMPOSIO_GET_TOOL_SCHEMAS,COMPOSIO_MANAGE_CONNECTIONS,COMPOSIO_MULTI_EXECUTE_TOOL,COMPOSIO_REMOTE_WORKBENCH,COMPOSIO_REMOTE_BASH_TOOL). → Meta tools reference - Providers — adapter packages that format Composio tools for a framework (OpenAI, Anthropic, Vercel AI SDK, LangChain, Mastra, Pi, …). → Providers
- Is a toolkit / integration supported? Composio has 1000+ toolkits, and
search_docsindexes the catalog. A matching/toolkits/<slug>result means yes, it's supported — answer from the returned content when sufficient, callread_doconly for more details, and point the user at the toolkits directory. If nothing matches, it isn't a built-in toolkit; suggest proxy execute or a custom tool for an API you already have.
Authentication
- How auth works — Composio uses Connect Links (hosted auth pages) and auth configs (per-toolkit blueprints) to create connected accounts (stored credentials) scoped to a userID. This is the page for "how does authentication work". → Authentication
- Auth schemes / modes — a toolkit's auth config uses one of
OAUTH2,API_KEY,BEARER_TOKEN, orBASIC. When you mention a toolkit's auth mode, link the reference rather than explaining it inline. → Auth schemes for what each mode is and when it's used, Authentication for how auth works overall, and Managed vs custom auth for choosing or bringing your own scheme. - In-chat auth — the agent prompts the user to connect via
COMPOSIO_MANAGE_CONNECTIONS. → In-chat authentication - Manual auth — generate Connect Links yourself with
session.authorize(). → Manually authenticating users - Managed vs custom auth — use Composio's managed OAuth apps, or bring your own for branding/scopes. → Managed vs custom auth
- White-labeling — remove Composio branding from the auth flow. → White-labeling authentication
- Importing existing connections — pass in API keys or bearer tokens you already hold. → Importing existing connections
- Multiple accounts per user — e.g. work and personal Gmail. → Managing multiple connected accounts
- Shared connections — share one connected account across users via an ACL. → Shared connections
Triggers and webhooks
- Triggers — receive structured payloads when something happens in a connected app (webhook or polling). → Triggers
- Setting up triggers — create, manage, and subscribe to trigger events. → Creating triggers, Subscribing to events, Managing triggers
- Webhook verification — verify inbound webhook signatures. → Webhook verification
Extending sessions
- Sandbox (previously "workbench") — a persistent Python environment at
/mnt/files/for bulk operations and large responses; files viasession.experimental.files. → Sandbox - Custom tools and toolkits — define in-process tools that run alongside Composio tools. → Custom tools and toolkits
- Proxy execute — call any toolkit HTTP endpoint with
session.proxyExecute(...)and let Composio inject auth. → Proxy execute
Platform API (reference only)
These features are documented only in the API reference — there is no /docs guide. When asked how to do them programmatically, read and link the reference page (don't say it isn't documented).
- Projects — Composio's multi-tenancy primitive. Inside an organization, projects are isolated environments that scope API keys, connected accounts, auth configs, and webhooks. Create, list, update, delete, and regenerate a project's API key via the API (using your organization API key). This is the page for "how do I programmatically create projects". → Projects
- Logs — individual tool-execution events (one record per call) for debugging and tracing. → Logs
- Files — files tools read and write during execution, exchanged via presigned URLs. → Files
Getting started and reference
- Quickstart → Quickstart
- Glossary → Glossary
- SDK reference (TypeScript Session) → Session
- API reference → API reference
Legacy — do not lead with these
Direct tool execution and the tools-direct/* pages are the legacy, pre-session API. Do not mention "direct execution" or link these pages unless the user explicitly asks about the low-level / direct-execution API. For everything else, answer with the session-based model above.