ConceptsEdit on GitHub
Connections
Let the agent call your external tools, brokered server-side per project.
A connection (connector) lets a project's agent call an external tool or service — Slack, Gmail, a database, any HTTP/GraphQL API. Connections are per-project, and the agent can only use what you connect.
- Declared as
connectorsin the manifest — provider is one of Pipedream, MCP, OpenAPI, GraphQL, HTTP, Channel (chat platforms like Slack), or Computer (a connected machine). The definition lives in git; the credentials live in the platform, never in the repo. - Channel + Computer connectors auto-materialize. Connecting Slack
(Channels) creates a
kortix_slackconnector (providerchannel); connecting a machine (Computers) creates thecomputerconnector — no manifest entry needed. The plainslackslug is reserved and blocked from user-declared connectors so it can't shadow the built-in channel. The Slack credential is the install token; thecomputerconnector has no credential at all (the live tunnel is the credential), and per-machine access is granted in Computers. - Credentials are shared. One credential covers the whole project. (Legacy
manifests can still say
credential = "per_user"— per-member BYO credential — but that mode was removed; it's tolerated and silently resolves toshared.) - Per-call policies — each tool can be set to run, require approval, or be blocked.
- Set up in the dashboard — the project's Connectors page offers Pipedream one-click connect plus a custom path for OpenAPI/GraphQL/MCP/HTTP. See Connecting your tools.
- Which agent may use which connector is a separate, per-agent grant —
each agent's
connectorsfield in the manifest (all,none, or a list of slugs; see Agents). Connecting a tool to the project doesn't hand it to every agent automatically.
Under the hood
Every session gets a kortix-executor MCP server and a scoped Executor token.
The agent discovers tools through it (connectors → discover → describe →
call); each call is brokered by the Kortix API, which resolves the credential
server-side, enforces sharing and policies, runs it, and audits it. The agent
never holds third-party credentials. Pipedream's one-click connect requires
Pipedream API keys to be configured on the platform.