Files
2026-07-13 12:38:34 +08:00

45 lines
3.6 KiB
Plaintext

Tools are the individual executable actions inside a toolkit, like `GMAIL_SEND_EMAIL` or `GITHUB_CREATE_ISSUE`. Each tool has an input schema describing its parameters and an output schema describing what it returns. Tool slugs are SCREAMING_SNAKE_CASE and follow a `{TOOLKIT}_{ACTION}` pattern.
Reach for these endpoints when you want to:
- List or search the catalog of available tools, optionally scoped to one or more toolkits.
- Fetch a single tool's input and output schema by `tool_slug` before constructing a call.
- Execute a tool on behalf of a user's connected account, or generate the inputs for an execution from natural language.
- Look up the OAuth scopes a set of tools requires, or send an authenticated proxy request to an app's underlying API.
These endpoints authenticate with your project API key in the `x-api-key` header.
<Callout type="info">
Manual tool execution requires an explicit toolkit version. Pass `toolkit_versions=latest` (or pin a dated version like `20251027_00`) so calls resolve to a known tool definition. See the [toolkit versioning migration guide](/docs/migration-guide/toolkit-versioning).
</Callout>
For the concepts behind tools, schemas, and authentication, see [Tools and toolkits](/docs/how-composio-works).
## Proxy execute
Proxy execute sends an authenticated HTTP request through a toolkit's [connected account](/docs/auth-configuration/connected-accounts) without a predefined tool, and Composio injects the OAuth token, API key, or other credentials on the server side so your code never touches raw secrets. Reach for it when you need an endpoint that Composio's predefined tools do not cover, when you need a request shape (custom query parameters, field masks, or advanced filters) that a predefined tool cannot express, or when a terminal agent would otherwise hardcode a bearer token in a `curl` call.
Call it with `composio.tools.proxyExecute()` in the TypeScript SDK, `composio.tools.proxy()` in the Python SDK, or `POST /api/v3.1/tools/execute/proxy` over HTTP. The `endpoint` can be an absolute URL (`https://api.example.com/v1/resource`) or a path relative to the toolkit's base URL (`/v1/resource`), `method` is the HTTP verb, `connectedAccountId` selects the account to authenticate as, `body` carries the JSON payload, and `parameters` adds extra headers and query parameters. The response forwards the upstream `status`, `headers`, and parsed `data` verbatim.
```typescript
// @noErrors
import { Composio } from '@composio/core';
const composio = new Composio({ apiKey: 'your_api_key' });
const { status, data } = await composio.tools.proxyExecute({
endpoint: '/repos/composiohq/composio/issues/1',
method: 'GET',
connectedAccountId: 'ca_github_user_123',
parameters: [{ name: 'Accept', value: 'application/vnd.github.v3+json', in: 'header' }],
});
console.log(status, data);
```
<Callout type="warn">
Proxy execute rejects cross-domain requests, so the `endpoint` must resolve to the same domain as the connected account's toolkit, and you should not set the `Authorization` header yourself because Composio injects the correct credential for the account's auth scheme. This is an intentional security boundary, not a quota, so it cannot be bypassed by reshaping the request.
</Callout>
Proxy execute is a form of [direct tool execution](/docs/sessions-vs-direct-execution): it bypasses session state, tool schemas, and modifiers. If you are building an agent, prefer [sessions](/docs/configuring-sessions), and use the proxy only for the specific API call that is not available as a tool. The full request and response schema lives in the [`POST /api/v3.1/tools/execute/proxy`](/reference/api-reference/tools/postToolsExecuteProxy) reference.