feat(providers): agent-powered oauth2 scope discovery by hassan254-prog · Pull Request #5701 · NangoHQ/nango

hassan254-prog · 2026-03-25T10:20:13Z

Describe the problem and your solution

This pr introduces an automated pipeline to maintain a catalogue of oauth2 scopes for every provider in Nango, and surfaces them as a searchable dropdown in the scopes input UI.

feat(providers): OAuth2 scope catalog pipeline with API exposure and scope-picker UI

This PR introduces a full provider-scope catalog system centered on a new packages/providers/providers.scopes.yaml dataset and a large new automation script at scripts/validation/providers/sync-scopes.ts. The script supports deterministic and agent-driven modes, batch processing, duplicate-key/YAML sanitization, comment preservation, fallback to default_scopes, validation guards, and CI check/write flows. It is wired into CI via test:providers:scopes, monthly automated sync in .github/workflows/sync-provider-scopes.yaml, and updates in .github/workflows/validation.yaml.

On the product side, provider APIs now include availableScopes through updates in packages/types/lib/providers/api.ts, packages/server/lib/formatters/provider.ts, and provider controllers. The web UI scope input was substantially refactored in packages/webapp/src/components-v2/ScopesInput.tsx to a chips+combobox interaction using new packages/webapp/src/components-v2/ui/combobox.tsx, with searchable suggestions, dedupe, paste/comma/enter parsing, and copy support, and integrated into OAuthCreateForm.

This summary was automatically generated by @propel-code-bot

TBonnin

I am not against leveraging llms but I open the generated yaml, click on the first link (brex docs) and it gave me a 404. I then checked a random provider (docusign) and there are some scopes missing. Maybe I was super unlucky but doesn't make me super confident.
One can argue it is better than having nothing but it is also a giant pile of data that we are gonna need to maintain

linear · 2026-03-27T13:06:05Z

NAN-4901 List available scopes for each integration

hassan254-prog · 2026-04-01T13:40:09Z

I am not against leveraging llms but I open the generated yaml, click on the first link (brex docs) and it gave me a 404. I then checked a random provider (docusign) and there are some scopes missing. Maybe I was super unlucky but doesn't make me super confident. One can argue it is better than having nothing but it is also a giant pile of data that we are gonna need to maintain

Yes, I agree, it’s better than having nothing. We will also mention in the docs how we obtain this list to keep it transparent with our customers. I believe that, at the start, the list is not 💯 correct, but over time it will continue to improve through iterative updates run on a monthly basis.

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 3572ef377c

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 18871bb68a

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

kaposke

[Review of the webapp changes]
I really like the new scopes component, works super well!

Just a few requests on component usage and icon sizing.

And I feel like the "add " item could scroll with the rest of the list like Bastien mentioned (unless you tried and it doesn't feel good?)

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: 18b3df0342

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

hassan254-prog · 2026-04-14T18:28:16Z

I’ve updated the “Add” item to scroll with the rest. I initially thought anchoring it at the top looked better, but we can revisit this later if needed.

chatgpt-codex-connector

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: edfd6272f5

ℹ️ About Codex in GitHub

Codex has been enabled to automatically review pull requests in this repo. Reviews are triggered when you

Open a pull request for review
Mark a draft as ready
Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

When you sign up for Codex through ChatGPT, Codex can also answer questions or update the PR, like "@codex address that feedback".

kaposke · 2026-04-14T22:16:29Z

+                    </Tooltip>
+                    <Tooltip>
+                        <TooltipTrigger asChild>
+                            <Button type="button" size="icon" variant="ghost" onClick={() => void deleteAllScopes()}>


I don't think you need this type="button" everywhere?

Suggested change

<Button type="button" size="icon" variant="ghost" onClick={() => void deleteAllScopes()}>

<Button size="icon" variant="ghost" onClick={() => void deleteAllScopes()}>

The default type for this button is "submit", without type="button", clicking this button would trigger form submission.

feat(scopes): list scopes using an agent

d2490c7

hassan254-prog self-assigned this Mar 25, 2026

hassan254-prog added 2 commits March 25, 2026 13:22

Merge branch 'master' into wari/scopes-list-poc

9d77e28

bump webflow api

a65b03e