Connecting accounts
The OAuth connect → callback → refresh flow that produces a connection.
For OAuth providers, a connection is created by walking the user through the provider's consent screen. Nolixan handles the callback, stores the tokens encrypted, and refreshes them automatically thereafter.
The flow
- Start — your app sends the user to Nolixan's connect URL for the provider. Nolixan redirects to the provider's OAuth consent screen.
- Consent — the user approves the requested scopes at the provider.
- Callback — the provider redirects back to Nolixan's callback. Nolixan exchanges the code for tokens and stores them as a connection (encrypted at rest, AES-256-GCM).
- Refresh — when an access token nears expiry, Nolixan refreshes it using the refresh token before the next action runs. You never handle raw tokens.
The connection's connection_id identifies which account was connected; use it when you
execute actions.
Which OAuth app is used
By default Nolixan can use a managed OAuth app so your users get one-click connect, or you can bring your own client credentials. See Managed vs custom auth and White-labeling.
Non-OAuth providers
For API-key or token providers, create the connection directly by storing the credentials.