Build Your Integration

Handle Authentication

Zapier Example OAuth authentication

Many Zapier integrations use OAuth v2 authentication to connect user accounts, including Zapier’s built-in GitHub integration

The first thing to set up is authentication. Your integration defines how Zapier’s platform authenticates with the API and what data needs to be collected from users to allow access to their accounts. Zapier supports most popular authentication schemes, including basic auth with username and password, API key auth, digest, session, and OAuth v2.

Whenever someone uses your integration in a Zap, they’ll first select your app, then will connect their account. That’s where the authentication flow comes in. Zapier shows a popup window where users login and select their account with OAuth2, or where they can enter account details with basic auth.

1. Select Your Authentication Scheme

Zapier Visual Builder select auth

Zapier supports a wide range of authentication schemes—select the best one for your app

We’ll use OAuth v2 in this example GitHub integration, following the steps here. With OAuth2, Zapier sends users to your site to authenticate. Click the Authentication tab in Zapier Visual Builder, then select OAuth v2 from the menu. Zapier will create a form to complete the required configuration automatically.

If you want to use another authentication scheme, check our auth docs for more details and use them instead of the steps below.

2. Configure Authentication Fields

Zapier Visual Builder auth fields

If your OAuth v2 implementation is standard and users don’t need to input any additional fields such as sub domain to access the authorization url, you don’t need to make any changes in this section

If you do add input fields in this section, this will show a form to users with the fields you’ve added before redirecting them to your authorization URL. More on adding an OAuth v2 input form here. For our example GitHub integration, we will not make any changes to this section.

2. OAuth Redirect URL

Zapier Visual Builder OAuth2 redirect

Copy the OAuth Redirect URL generated by Zapier, and add it to the allowed list for the new application you’ve added for the OAuth integration with Zapier - typically this application is created in your app’s application, integration, or API settings. In GitHub’s interface, this field is called the authorization callback URL.

GitHub callback

3. Enter Application Credentials

Zapier Visual Builder OAuth2 credentials

In your new application’s developer settings in GitHub, you’ll receive credentials that Zapier will use to verify itself to your app - called a Client ID and Client Secret.

Copy that data and paste those items in their respective fields. Zapier will use that data along with the authorization URL to receive the request token from GitHub.

GitHub Client ID

Click Save & Continue to save your progress so far.

4. Add OAuth v2 Endpoint Configuration

Authorization URL

Zapier Visual Builder OAuth2 endpoint configuration

Add the Authorization URL from GitHub’s documentation with the specified GET method.

Selecting Show Options allows you to further specify URL parameters and HTTP headers as needed for the authorization request. By default, Zapier includes client_id, state, redirect_uri and response_type as URL parameters, which you can edit as needed based on your API’s documentation.

For GitHub, we’ll keep the default settings.


Zapier Visual Builder OAuth2 scope

An app’s API documentation will include the available scopes. For this example, we’ll give our app repo and user scopes. You can see all the available scopes for GitHub here.

OAuth Authorize screenshot

Access Token Request

Next add the Access Token Request URL as a POST call.

Zapier Visual Builder OAuth2 access token request

By default, Zapier will pass the client ID, client secret, authorization code, redirect URI, and a standard authorization_code grant type in the API request body. If you need to change that, click the Show Options button and add any additional call details needed.

Refresh Token Request

If your API supports automated token refresh, you would add your API’s Refresh Token Request endpoint here, and check the Automatically Refresh Token box to automatically request a refreshed token if any request receives a 401 from your app. This will help Zapier stay connected to your users’ accounts and enable Zaps to run in the background without interrupting users as long as possible.

Zapier Visual Builder - OAuth2 Refresh Token Reqeuest screenshot

For this example for GitHub, we’ll leave this section blank as reviewing the API docs, there is no mention of automated token refresh.


Zapier Visual Builder OAuth2 test

Add an endpoint URL to test the user’s credentials and return a successful authentication message. Here we’ll add GitHub’s user API call to the Test field.

Connection Label

Zapier Visual Builder connection label

Zapier Zap Editor Connection Label

Add a connection label, and users’ accounts in Zapier will be personalized to easily distinguish between multiple accounts.

You can also add details to the account. Whenever a new account is authenticated with Zapier, Zapier adds a Connection Label so users can identify accounts and add multiple accounts if desired. Customize this label with output fields from the API call (learn more in our connection label docs).

For GitHub, add {{bundle.inputData.login}} to the Connection Label to include the user’s GitHub username along with the app name that Zapier automatically includes.

5. Test The Authentication

Zapier Visual Builder OAuth test - test setup

Zapier Visual Builder OAuth test - response

OAuth v2 sends users from Zapier to your site to authenticate

Then test the authentication. Click Sign in, and authorize. If you’re already logged in, the OAuth window will briefly appear and authenticate the app. You can now use this GitHub account to test triggers and actions as you build them into your integration.

When others use your integration, they’ll see a similar login flow to connect their GitHub account to Zapier—only there, the popup window will open from the Zap Editor.

Need help? Tell us about your problem and we’ll connect you with the right resource or contact support.