LeashLeash
SDK

Connections

Check whether the calling user has connected a provider, list every connection, or send them through OAuth. In 0.4 these live on the platform REST surface — the typed Leash client covers integration calls themselves; connection listing/management is one fetch away.

Forward the calling user's leash-auth cookie and send your app's X-API-Key header. From a Next.js API route the simplest pattern is to reuse the incoming request's cookie header.

List all connections

GET /api/integrations/connections returns one entry per known provider. Each row has a providerId and a status:

  • active — connected, tokens valid.
  • expired — refresh failed; prompt the user to re-authorize.
  • not_connected — the user hasn't authorized this provider yet.
app/api/connections/route.ts
export async function GET(req: Request) {
  const res = await fetch('https://leash.build/api/integrations/connections', {
    headers: {
      'X-API-Key': process.env.LEASH_API_KEY!,
      cookie: req.headers.get('cookie') ?? '',
    },
  })
  const { data } = await res.json()
  // data: [{ providerId, providerName, status, accountEmail?, ... }, ...]
  return Response.json({ connections: data })
}

Send a user through OAuth

GET /api/integrations/connect/<provider> 302s to the provider's consent screen. Redirect the browser there directly — no SDK call needed. Optional return_url sends them back to your app after the round-trip.

app/connect/[provider]/route.ts
export async function GET(
  req: Request,
  ctx: { params: Promise<{ provider: string }> },
) {
  const { provider } = await ctx.params
  const returnUrl = new URL('/settings/integrations', req.url).toString()
  const target = new URL(`https://leash.build/api/integrations/connect/${provider}`)
  target.searchParams.set('return_url', returnUrl)
  return Response.redirect(target, 302)
}

Reserved provider slugs (gmail, google_calendar, google_drive, …) map to built-in providers. Custom OAuth slugs are registered per-org — see Custom OAuth providers.

Check one provider

There's no dedicated single-provider endpoint — read the list and look up by slug. The result is cheap to cache for the lifetime of a request.

const res = await fetch('https://leash.build/api/integrations/connections', {
  headers: { 'X-API-Key': process.env.LEASH_API_KEY!, cookie: req.headers.get('cookie') ?? '' },
})
const { data } = await res.json() as { data: { providerId: string; status: string }[] }
const gmail = data.find(c => c.providerId === 'gmail')
const hasGmail = gmail?.status === 'active'

Errors surface as LeashError only on typed SDK calls (full code list). Raw REST calls return { success, error } with the standard HTTP status — 401 unauthenticated, 403 not allow-listed, 404 unknown provider.