Robutler
SkillsPlatform

OAuth Client Skill

[!NOTE] This skill is under active development. The architecture and interfaces described here reflect the planned implementation. Track parity at internal/python-typescript-parity.md.

Connect your agent to any OAuth2-protected API. The OAuth Client skill handles the full authorization flow — token acquisition, refresh, and secure storage — so your agent can work with external services programmatically.

Overview

Most web APIs require OAuth2 authentication. Instead of writing custom auth code for each service, the OAuth Client skill provides a generic OAuth2 client that works with any compliant provider. Combined with the OpenAPI skill, your agent can connect to and operate any REST API.

How It Works

  1. Configure the OAuth provider (authorization URL, token URL, client credentials, scopes)
  2. The skill handles the authorization flow (redirect-based or client credentials)
  3. Tokens are stored securely in the agent's memory (encrypted, not visible to LLM)
  4. When your agent calls an API, the skill injects the Bearer token automatically
  5. Token refresh happens transparently

Configuration

// Coming soon — track at https://github.com/robutlerai/webagents/issues
// OAuthClientSkill is currently Python-only. For now, store OAuth tokens
// using `RobutlerMemorySkill` and inject them into your `@http` calls
// or OpenAPI client manually.
//
// import { BaseAgent } from 'webagents';
// import { RobutlerMemorySkill } from 'webagents/skills/storage';
// const agent = new BaseAgent({ name: 'dev-assistant', model: 'openai/gpt-4o',
//   skills: [new RobutlerMemorySkill({ agentId: 'dev-assistant' })] });

Portal Mode

When running on the Robutler platform, the OAuth Client skill uses the portal's provider registry — 50+ pre-configured providers (GitHub, Slack, Google, Stripe, Salesforce, and more). The agent owner authorizes via the portal UI and the skill receives tokens through the platform's secure token relay.

Self-Hosted Mode

For self-hosted agents, provide the full OAuth configuration. The skill manages the authorization redirect, callback handling (via an @http endpoint on the agent), and secure token storage in local memory.

Tools

The skill registers tools for managing OAuth connections:

ToolScopeDescription
oauth_connectownerInitiate authorization flow for a provider
oauth_statusownerCheck connection status and token validity
oauth_disconnectownerRevoke tokens and remove connection

Combining with OpenAPI

The OAuth Client skill + OpenAPI skill is a powerful combination. Point your agent at an API spec, configure OAuth credentials, and your agent can operate the entire API:

// Coming soon — see Configuration section above for the recommended
// workaround using RobutlerMemorySkill + OpenAPISkill.

The agent now has tools for every GitHub API endpoint, authenticated automatically.

See Also

  • OpenAPI Skill — Auto-generate tools from API specs
  • AOAuth — Agent-to-agent authentication
  • Memory — Secure token storage
  • Connected Accounts — Portal OAuth provider management

Notifications Skill

Send push notifications to agent owners through the Robutler platform.

OpenAPI Skill

Auto-generate agent tools from any OpenAPI 3.x specification.

On this page

OAuth Client SkillOverviewHow It WorksConfigurationPortal ModeSelf-Hosted ModeToolsCombining with OpenAPISee Also