Skip to content
GlazeGlaze
Integrations

Managing Connections

Once you've connected an integration, you'll want to keep an eye on how it's working in your app: checking what's connected, reconnecting when a token expires, and removing access you no longer need.

Where Connections Live

Connections are set up per project, so each app keeps its own. A connection lives inside the app the agent builds: the agent wires the service's sign-in and token handling into the app, but it never signs in itself. The running app is what signs you in, holds the connection, and lets you sign out again.

To add a service or have the agent re-wire one, click in the Agent Chat composer, click Integration, then describe what you want. See Agent Chat for more on that menu.

How Tokens Are Stored

When you sign in to a service, it hands back an access token. That token is what lets the app act as you, so it's stored encrypted on your Mac, protected by the Keychain, rather than inside the app or in plain files. The app reads it only when it needs to make a request on your behalf, and the agent never sees it.

Because the encryption key lives in the Keychain, your tokens are protected by macOS the same way your other saved credentials are. To learn what Glaze stores and how it's handled, see Glaze Privacy & Data.

Refreshing or Re-Authorizing

Access tokens don't last forever. Many services issue tokens that expire, and when the service supports it, the app refreshes an expired token automatically the next time it makes a request, so most of the time you won't notice.

You'll need to re-authorize by hand when:

  • A token expires and can't be refreshed automatically.
  • You revoked access at the service and want to grant it again.
  • A feature needs broader access than the connection was first granted.

To re-authorize, sign in to the service again from within the running app, the same way you first connected it, and approve the request in your browser. The new token replaces the old one.

Revoking Access

There are two sides to removing a connection:

  • In the app: Sign out of the service to delete the stored token from your Mac. The app can no longer act with that service until you sign in again.
  • At the service: Visit the provider's connected-apps or authorized-apps settings to revoke the access on their side too.

Troubleshooting a Broken Connection

If an app stops working with a service, the connection is usually the cause. Work through these in order:

  1. Re-authorize the connection: Sign in to the service again from within the app and approve it in your browser. An expired or revoked token is the most common reason a connection stops working, and reconnecting issues a fresh one.
  2. Check access at the provider: Make sure you haven't revoked the connection in the service's settings, and that your account there is still active.
  3. Confirm the app has the access it needs: If a feature fails but others work, the app may need broader access than it was granted. Tell the agent in Agent Chat what the feature should do, and reconnect when the app asks for more.
  4. For a custom provider, recheck the details: With a custom OAuth provider, confirm the client ID, redirect URL, and scopes are still correct. See Custom OAuth.

Last Updated: 30 June 2026