DEV.co
MCP Servers · oomol-lab

open-connector

OpenConnector is an open-source gateway that securely connects AI agents and applications to 1,000+ SaaS providers (GitHub, Gmail, Notion, Slack, etc.) through a unified interface. It handles credential management, OAuth flows, and action execution while keeping secrets server-side, accessible via SDK, CLI, MCP, HTTP, or a web console.

Source: GitHub — github.com/oomol-lab/open-connector
903
GitHub stars
42
Forks
TypeScript
Primary language
Apache-2.0
License (OSI-approved)

Key facts

Objective fields from the source. Values we can't verify are shown as “Unknown” rather than guessed.

FieldValue
Repositoryoomol-lab/open-connector
Owneroomol-lab
Primary languageTypeScript
LicenseApache-2.0 — OSI-approved
Stars903
Forks42
Open issues1
Latest releasev1.0.0 (2026-07-08)
Last updated2026-07-08
Sourcehttps://github.com/oomol-lab/open-connector

What open-connector is

TypeScript-based auth gateway exposing 9,400+ prebuilt Actions across 1,000+ providers. Deployable as Node.js/Docker locally, on Cloudflare Workers (with D1/R2), or via OOMOL's hosted runtime. Provides OpenAPI 3.1 contracts, MCP protocol support, credential encryption, scope policies, and inspectable run logs.

Quickstart

Get the open-connector source

Clone the repository and explore it locally.

terminalbash
git clone https://github.com/oomol-lab/open-connector.gitcd open-connector# follow the project's README for install & configuration

Need it deployed, integrated, or customized instead? DEV.co ships production installs.

Best use cases

Agent-driven multi-SaaS workflows

AI agents that need persistent, user-specific access to multiple work apps (CRM, email, docs, analytics) without holding user credentials in the agent process.

Self-hosted or edge-deployed agent backends

Teams requiring full control over auth infrastructure, audit logs, and credential storage. Deployable on Cloudflare Workers or private infrastructure.

B2B SaaS adding agent capabilities

Product teams integrating agentic features into their platform and needing stable, schema-driven connectors to third-party tools with OAuth approval paths.

Implementation considerations

  • Requires Node.js 22+ and either Docker Compose (local) or Cloudflare account + CLI setup (wrangler). Plan for 2–4 hours initial deployment.
  • Credential storage backend (local SQLite, D1, or OOMOL-hosted) must be decided upfront; encryption keys and rotation policies are operator responsibility.
  • OAuth setup for each provider requires vendor app registration and approval; some vendors (Google, GitHub, Slack) may take days or weeks for approval.
  • Action executor source code is lazy-loaded; verify that required provider Actions are available and current in the catalog before relying on them.
  • MCP, HTTP, SDK, and CLI interfaces all expose the same Action contracts but have different auth/invocation patterns; choose based on agent framework (claude, etc.).

When to avoid it — and what to weigh

  • Need cutting-edge provider coverage — Project is newly released (v1.0.0 as of 2026-07-08). Provider catalog maturity and real-world compatibility with all 1,000+ claimed providers requires verification in production.
  • Minimal operational overhead required — Self-hosted deployment requires managing Docker, Node.js, databases, and credential encryption. Cloudflare deployment adds Worker/D1/R2 familiarity requirements.
  • Cannot use Apache 2.0 license — Project is Apache 2.0 licensed. If your commercial product or internal use has stricter license compatibility requirements, requires legal review.
  • Real-time, sub-100ms latency critical — Gateway adds a hop between agent and provider. Cloudflare deployment may introduce latency; performance characteristics under load are not documented.

License & commercial use

Apache License 2.0 (permissive, OSI-approved). Allows commercial use, modification, and distribution with copy of license and notice of changes. No patent grant; no warranty.

Apache 2.0 permits commercial use and closed-source derivative products. However, any modifications to the licensed code must be disclosed if distributed. Verify with legal counsel if you modify and redistribute the library. No guarantee of vendor support for commercial deployments; hosted OOMOL option available as alternative.

DEV.co evaluation signals

Editorial assessment — not user reviews. Directional, with an explicit confidence level.

SignalAssessment
MaintenanceActive
DocumentationAdequate
License clarityClear
Deployment complexityModerate
DEV.co fitStrong
Assessment confidenceMedium
Security considerations

Project keeps credentials and scopes behind the runtime boundary (good design). Credential encryption, secret rotation, and audit logging are operator/configuration responsibilities. No third-party security audit mentioned. OAuth flows follow standard practices. MCP, HTTP, and SDK endpoints should all enforce auth tokens or caller identity policies—verify token lifecycle and policies are correctly set before production use.

Alternatives to consider

Composio

Comparable auth gateway for agents; closed-source but hosted option with similar provider coverage. Use if you prefer vendor-managed infrastructure over self-hosted.

Zapier/Make (formerly Integromat)

Mature, cloud-only integration platforms with 5,000+ apps. Use if you need no-code automation and can tolerate vendor lock-in.

LangChain Tools / Custom Agent Middleware

Lower-level approach: build credential handling and provider integrations in-app. Use if integration scope is small and you prefer minimal external dependencies.

Software development agency

Build on open-connector with DEV.co software developers

Start with a local Docker deployment or deploy to Cloudflare in minutes. Review the quickstart guide and evaluate provider coverage for your use case.

Talk to DEV.co

Related open-source tools

Surfaced by semantic similarity across the DEV.co open-source index.

Related on DEV.co

Explore the category and the services that help you build with it.

open-connector FAQ

Can I use OpenConnector with Claude, GPT-4, or other LLMs?
Yes. Expose Actions via MCP (for claude.ai desktop or compatible hosts), HTTP (for any LLM API with tool calling), or SDK (for in-process agent code). Agent framework must support one of these interfaces.
Where do user credentials live?
Behind the OpenConnector runtime boundary. Credentials are stored in the configured backend (local SQLite, Cloudflare D1, or OOMOL-hosted). Agent and caller code only receive metadata and execution results, not secrets.
Can I deploy OpenConnector on AWS, GCP, or Kubernetes?
Documented paths are local Docker/Node, Cloudflare Workers, or OOMOL-hosted. Kubernetes or cloud-native deployment is not explicitly covered; you would need to containerize and manage state/secrets yourself.
How many providers and Actions are actually available?
Badge claims 1,000+ providers and 9,400+ Actions, sourced from a dynamic catalog. Verify current count at https://connector.oomol.com/v1/catalog. Coverage depth (missing or outdated Actions) requires testing in your use case.

Work with a software development agency

Need help beyond evaluating open-connector? DEV.co is a software development agency offering software development services and web development for teams of every size. Our software developers and web developers build custom software, web applications, APIs, and mcp servers integrations — and maintain them long-term.

Ready to connect your agents to SaaS?

Start with a local Docker deployment or deploy to Cloudflare in minutes. Review the quickstart guide and evaluate provider coverage for your use case.