Today, we’re introducing Connected Apps—a powerful new feature that makes it easy for your application to be integrated with AI agents, third-party apps, and multi-app ecosystems. With Connected Apps, your application can become an OAuth 2.0 identity provider, delegating access and permissions to build seamless integrations with other first-party and third-party applications.

Whether you’re building AI-driven workflows or an enterprise integration, Connected Apps makes it easy for you to authenticate users, grant scoped permissions, and share data with other applications. With your app as the identity provider, Stytch brings all your connected applications into one place, making it easier to scale, control access, and manage permissions across all your integrations.

What once required months of engineering work can now be accomplished in minutes with Stytch. Let’s take a closer look.

OAuth: Powering the Future of Integrations

As AI agents become more widespread and data connectivity becomes even more essential for modern workflows, applications must carefully consider how external access to their data and actions are managed. The good news is that we already have a robust standard for delegating secure, scoped, and revocable access with user consent: OAuth.

At its core, Connected Apps is built on OAuth 2.0 and OIDC, providing a trusted, industry-standard way to authenticate and authorize users across applications. But we’ve taken it further, abstracting away complexity so developers can focus on building new integrations quickly.

With Connected Apps, Stytch handles all the heavy lifting for you by:

• Implementing OAuth 2.0/OIDC flows end-to-end.
• Managing token issuance, validation, and revocation.
• Ensuring strict compliance with RFC 6749, security best practices, and session integrity.

What Is Connected Apps Exactly?

Connected Apps is a Stytch OAuth feature that enables you to configure any app as a fully compliant OAuth 2.0/OIDC Identity Provider with just a few steps in the dashboard and a few lines of code using the frontend SDK component.

You can follow our getting started guide for step-by-step instructions on how to configure your first Connected App.

For each integration, you create a Connected App and configure their settings:

• Client types: Categorize each Connected App as a first or third-party application to align end-user consent flows with appropriate trust levels.
• Custom scopes: Set granular permissions by defining the exact levels of access each Connected App Client can request within issued access tokens.
• Custom claims: Define specific claims to include in the access token.
• Secret rotation and PKCE: Manage client secrets or implement PKCE to create a secure exchange.
• Redirect URLs: Specify allowed callback URLs for OAuth flow completions.

Once configured, you can leverage Connected Apps to:

• Issue access tokens to third-party apps.
• Transfer authentication state from browsers to extensions, plugins, and desktop apps without having to force users to re-enter credentials.
• Enable seamless cross-domain navigation between distinct domains without terminating a user’s session (e.g. moving from Gmail to YouTube to Google Docs).
• Authenticate AI agents that can perform delegated tasks across all the apps a user is registered with.

Building with Connected Apps

Connected Apps unlocks a whole new set of possibilities for developers, limited only by what data sources can be integrated. These examples highlight just a few of its use cases.

AI Agents and Workflows

From Anthropic’s Computer Use to OpenAI’s Operator to DeepSeek’s OSS models, AI agents are redefining what’s possible with end-to-end workflows by leveraging the same authentication protocols as Connected Apps.

For example, take coding agents like Devin.ai and Lovable.dev, who act like AI engineers embedded across your codebase and tool stack. When Devin wants repo access, it acts as an OAuth client, requesting permissions and access from GitHub as the identity provider. When it connects to Slack, another identity provider, it’s also an OAuth flow, scoped to channels and permissions. But what if you want AI agents like Devin to interact with your app?

That’s where Connected Apps comes in.

Stytch’s Connected Apps makes your app an identity provider, enabling the next-wave of AI agents to interact with your platform securely, and with the right permissions in place within the OAuth framework.

AI agents are reshaping sales, marketing, support, even everyday consumer experiences. Whether it’s an AI-powered sales agent optimizing B2B operations or a smart home AI assistant automating daily routines, Stytch provides the secure authentication and authorization layer needed to orchestrate all these operations on your platform.

Connected Apps helps your app become a foundation for AI-powered integrations.

Third-Party Data Sharing and Integrations

Connected Apps also enables foundational OAuth use cases like cross-application logins and integrations—allowing your application to authenticate users and facilitate secure data sharing between third-party apps. These cross-app integrations are essential for automating key workflows like in finance and payments with services like Plaid Exchange.

Let’s consider another example, Zapier, a platform that automates workflows across countless apps. With Stytch, your application can leverage Connected Apps to act as the identity provider and issue access tokens to third-party applications like Zapier to securely interact with your app’s API with read and write access.

This same flow could also be utilized to enable users to log into Zapier using your application, without creating new credentials.

1. A user visiting Zapier would select the “Log in with [your app]” on the login page.
2. Zapier redirects the user to your application who would forward the OAuth login request to Stytch Connected Apps for authentication.
3. Upon successful authentication and authorization code exchange, Stytch redirects the user back to Zapier with an access token on your application's behalf.

Sharing Sessions Across Devices and Domains

Additionally, Connected Apps can transfer and secure authentication across multiple first-party apps—ensuring a frictionless user experience across your entire product ecosystem.

Take Google and YouTube as an example. A user signed into Google (google.com) can seamlessly access YouTube (youtube.com) without logging in again because Google acts as the identity provider, managing authentication across both platforms.

Or Netflix and logging in between multiple devices.

With Connected Apps, your application as the identity provider is capable of sharing auth state across:

• Domains: Authenticate users across multiple web properties, yourapp.com vs. yourapp.test.
• Applications: Maintain authentication across distinct services and products, just like Google and YouTube.
• Devices and platforms: Enable users to stay signed in across mobile, TV, desktop, web browsers, and even CLI applications.

Getting Started

Ready to explore Connected Apps? Check out our step-by-step guide in the developer docs and sign up for a free developer account if you don’t have one already.

Happy building and stay tuned for the rest of Launch Week!

Follow us on X for daily product announcements.