fix: pass authConfigs in getConnectors for custom OAuth connections

[sweetmantech]

Summary

• Connections created with custom auth configs (TikTok, Instagram) were invisible to getConnectors because it created Composio sessions without matching authConfigs
• Composio scopes connection lookups by auth config — if you authorize with a custom config, you must query with the same config
• Added buildAuthConfigs() helper that reads COMPOSIO_TIKTOK_AUTH_CONFIG_ID and COMPOSIO_INSTAGRAM_AUTH_CONFIG_ID from env vars

Test plan

• Added failing test first (TDD red) — verified getConnectors did NOT pass authConfigs
• Applied fix (TDD green) — test passes
• Existing tests still pass (no regression)
• Verify on preview: GET /api/connectors?account_id=9105f630-8e9f-4908-a2c4-3f68a6454c78 returns isConnected: true for TikTok/Instagram

🤖 Generated with Claude Code

---

Summary by cubic

Fixes getConnectors so TikTok and Instagram connections authorized with custom OAuth are returned. We now pass matching authConfigs from env vars when creating the Composio session.

• Bug Fixes

  • Pass authConfigs to the Composio session in getConnectors.
  • Extract buildAuthConfigs() module; reads COMPOSIO_TIKTOK_AUTH_CONFIG_ID and COMPOSIO_INSTAGRAM_AUTH_CONFIG_ID.
  • Tests: cover custom OAuth; fix env var cleanup with try/finally.

• Migration

  • If you use custom TikTok/Instagram OAuth, set the env vars above. No action needed otherwise.

^{Written for commit f81a7f3. Summary will update on new commits.}

Summary by CodeRabbit

• New Features
  • Added support for configuring TikTok and Instagram connector authentication through environment variables, enabling automatic authentication configuration when initializing these connectors.

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
recoup-api	Ready	Preview	Apr 6, 2026 4:31pm

[coderabbitai]

Warning

Rate limit exceeded

@sweetmantech has exceeded the limit for the number of commits that can be reviewed per hour. Please wait 14 minutes and 23 seconds before requesting another review.

Your organization is not enrolled in usage-based pricing. Contact your admin to enable usage-based pricing to continue reviews beyond the rate limit, or try again in 14 minutes and 23 seconds.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

ℹ️ Review info

⚙️ Run configuration

Configuration used: Path: .coderabbit.yaml

Review profile: CHILL

Plan: Pro

Run ID: 7a883fc3-3ebd-4aa0-a808-3b628f63e28c

📥 Commits

Reviewing files that changed from the base of the PR and between 9c18ca4 and f81a7f3.

⛔ Files ignored due to path filters (1)

• lib/composio/connectors/__tests__/getConnectors.test.ts is excluded by !**/*.test.*, !**/__tests__/** and included by lib/**

📒 Files selected for processing (2)

• lib/composio/connectors/buildAuthConfigs.ts
• lib/composio/connectors/getConnectors.ts

📝 Walkthrough

Walkthrough

Added an internal buildAuthConfigs() helper function that reads COMPOSIO_TIKTOK_AUTH_CONFIG_ID and COMPOSIO_INSTAGRAM_AUTH_CONFIG_ID environment variables to build toolkit-specific auth configurations. Updated getConnectors() to conditionally include these configs in Composio session creation.

Changes

Cohort / File(s)	Summary
Auth Configuration Setup lib/composio/connectors/getConnectors.ts	Introduced buildAuthConfigs() helper to read platform-specific auth config IDs from environment variables (TikTok, Instagram). Integrated conditional auth config spreading into composio.create() call without modifying function signatures or connector mapping logic.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~12 minutes

Possibly related PRs

• feat: add Instagram connector support #397: Directly related—both PRs handle authConfigs in the same file, reading environment variables and passing them to Composio session initialization
• fix: normalize Composio toolkit slugs to lowercase #253: Related through modifications to getConnectors.ts and changes to how composio.create() is invoked with options

Poem

🔐 TikTok and Instagram now dressed in their auth attire,
Environment variables spark the connector's fire,
Clean conditionals flow, no signatures break the mold,
Composio sessions crafted with credentials untold! ✨

🚥 Pre-merge checks | ✅ 1

✅ Passed checks (1 passed)

Check name	Status	Explanation
Solid & Clean Code	✅ Passed	Implementation demonstrates strong SOLID principles and clean code practices. The buildAuthConfigs() function exemplifies Single Responsibility Principle with focused purpose, clean readable code with appropriate JSDoc comments, and smart conditional logic to avoid undefined properties.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch fix/get-connectors-auth-configs

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[cubic-dev-ai]

1 issue found across 2 files

Confidence score: 4/5

• This PR is safe to merge with minimal risk: the only concern is test hygiene in lib/composio/connectors/__tests__/getConnectors.test.ts, not production runtime behavior.
• The cleanup currently uses unconditional delete on process.env, which can leak or erase global environment state and cause flaky cross-test interactions if the original values are not restored.
• Pay close attention to lib/composio/connectors/__tests__/getConnectors.test.ts - restore process.env via try/finally to preserve prior values and avoid test-state pollution.

Prompt for AI agents (unresolved issues)

Check if these issues are valid — if so, understand the root cause of each and fix them. If appropriate, use sub-agents to investigate and fix each issue separately.


<file name="lib/composio/connectors/__tests__/getConnectors.test.ts">

<violation number="1" location="lib/composio/connectors/__tests__/getConnectors.test.ts:77">
P2: Restore `process.env` values with `try/finally` instead of unconditional `delete`; the current cleanup can leak or erase global env state across tests.</violation>
</file>

Architecture diagram

sequenceDiagram
    participant Caller as API Route / Caller
    participant GC as getConnectors()
    participant Env as Process Env
    participant SDK as Composio Client
    participant Remote as Composio API (External)

    Caller->>GC: getConnectors(accountId)

    rect rgb(240, 240, 240)
        Note over GC,Env: NEW: Map custom OAuth credentials
        GC->>Env: get COMPOSIO_TIKTOK_AUTH_CONFIG_ID
        GC->>Env: get COMPOSIO_INSTAGRAM_AUTH_CONFIG_ID
        Env-->>GC: authConfigs map
    end

    GC->>SDK: CHANGED: composio.create(accountId, { toolkits, authConfigs })
    
    SDK->>Remote: POST /sessions (initiate session)
    Note over Remote: Session is now scoped to specific<br/>TikTok/Instagram Auth Config IDs

    alt Successful session creation
        Remote-->>SDK: session object
        SDK->>Remote: GET /toolkits (fetch connection status)
        Note over Remote: Filtered by provided authConfigs
        Remote-->>GC: toolkits[] (with isConnected status)
        GC-->>Caller: Connector list
    else API Error / Timeout
        Remote-->>GC: Error
        GC-->>Caller: Throw error
    end

Loading

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review, or fix all with cubic.}

[sweetmantech]

SRP - new lib file for buildAuthConfigs.

• actual: function name and file name are different.
• required: new file with the same name as the function.

[cubic-dev-ai]

0 issues found across 3 files (changes from recent commits).

_{Auto-approved: Isolated fix for custom OAuth visibility in getConnectors, adds helper for env-based auth configs, and includes robust test coverage.}

[sweetmantech]

Preview Deployment Testing Results

Preview URL: recoup-api-git-fix-get-connectors-au-efd86a-recoupable-ad724970.vercel.app
Account: 9105f630-8e9f-4908-a2c4-3f68a6454c78

GET /api/connectors?account_id=9105f630-8e9f-4908-a2c4-3f68a6454c78

• Instagram: isConnected: true, connectedAccountId: "ca_qSDCRvhH0ukQ"
• TikTok: isConnected: true, connectedAccountId: "ca_W-P8M8onPAWn"
• Google connectors correctly show isConnected: false

Before fix (production)

All connectors returned isConnected: false despite active connections in Composio dashboard.

Root cause

getConnectors created Composio sessions without authConfigs, so connections made with custom OAuth configs were invisible to session.toolkits().