WorkestraDocs
PlatformSettings

Connected Accounts

Manage OAuth connections to Gmail, Outlook, GitHub, Google Calendar, and other integrations.

Connected Accounts

Connect Workestra to your favorite tools and services for seamless workflows.

connected accounts page

Screenshot needed � add an annotated image showing this UI

Managing Connections

View all your connected accounts at Settings > Connected Accounts.

Connection List

Each connected account shows:

InformationDescription
ServiceProvider name and icon
AccountConnected email/username
StatusConnected, Expired, Error
Connected OnWhen the connection was established
Last UsedMost recent activity

Supported Integrations

Email

Connect your email accounts to send and receive emails directly in Workestra.

Gmail

What it enables:

  • Send emails from your Gmail address
  • Receive replies in Workestra Inbox
  • Email tracking (opens, clicks)
  • Contact sync

Permissions requested:

  • Read, send, and modify emails
  • View email metadata
  • Manage email labels

? Gmail Integration Details

Outlook / Microsoft 365

What it enables:

  • Send emails from your Outlook address
  • Real-time two-way email sync
  • Reply and forward from Workestra
  • Automatic CRM linking
  • Azure AD SSO support

Permissions requested:

  • Mail.Read � Read emails from your inbox
  • Mail.ReadWrite � Manage read/unread status
  • Mail.Send � Send emails on your behalf
  • User.Read � Read your profile
  • Contacts.Read � Sync contacts for CRM matching
  • Calendars.Read � Calendar events (future feature)
  • offline_access � Maintain sync without frequent re-auth

Enterprise features:

  • Azure AD Single Sign-On (SSO)
  • Multi-Factor Authentication (MFA)
  • Conditional Access policy support
  • Organization-wide admin consent

? Microsoft 365 Integration Details

The Microsoft 365 integration uses OAuth 2.0 with PKCE and AES-256-GCM encryption for maximum security. Your credentials are never stored.

Developer Tools

GitHub

What it enables:

  • Import documentation to Knowledge Base
  • Link issues to Projects (if implemented)
  • Sync repository activity

Permissions requested:

  • Read repositories
  • Read repository contents

? GitHub Integration Details

Calendar

Google Calendar

What it enables:

  • View calendar availability when scheduling
  • Create events from Workestra
  • Sync meeting invitations

Permissions requested:

  • calendar.readonly
  • calendar.events

Automation

Zapier

What it enables:

  • Connect Workestra to 5,000+ apps
  • Create automated workflows (Zaps)
  • Trigger actions based on Workestra events

Setup:

  • Generates API key with wkz_ prefix
  • Use key in Zapier's Workestra integration

? Zapier Integration Details

Finance

Stripe

What it enables:

  • Payment processing
  • Subscription billing
  • Invoice sync
  • Webhook event handling

Permissions:

  • Read payment data
  • Create charges
  • Manage subscriptions

? Stripe Integration Details

Banking

Connect bank accounts for automatic transaction sync:

ProviderCoverageFeatures
PlaidUS, CA, GB, FR, ES, NL, IEReal-time sync, reconciliation
Salt EdgeEU, UK, GlobalMulti-country support
Tink18 EU countries6,300+ banks
PontoBelgium/BeneluxEuropean focus

? Banking Integration Details

Monitoring

Sentry

What it enables:

  • Error tracking integration
  • Application monitoring
  • Performance insights

Setup:

  • Enter Sentry auth token (format: sntryu_...)
  • Auto-detects organization

? Sentry Integration Details

Other AI Providers

OpenAI

What it enables:

  • Module-specific AI features
  • Different from workspace AI settings

Setup:

  • Enter OpenAI API key
  • Configure per-module usage

? OpenAI Integration Details

Connecting a New Account

Step-by-Step

  1. Go to Settings > Connected Accounts
  2. Click Connect Account
  3. Select the service you want to connect
  4. Complete the OAuth flow
  5. Grant requested permissions
  6. Return to Workestra

OAuth Flow

Workestra uses industry-standard OAuth 2.0:

  1. You click Connect
  2. You're redirected to the provider (Google, Microsoft, etc.)
  3. You sign in (if not already)
  4. You review and approve permissions
  5. You're redirected back to Workestra
  6. Connection is established

Workestra never sees your password for connected accounts. We only receive an access token with the permissions you explicitly grant.

Microsoft 365 Connection Flow

Connecting Microsoft 365 follows a specific flow for enterprise security:

Click "Connect Outlook"
    ?
Review permissions modal
    ?
Redirect to Microsoft sign-in
    ?
Enter email + password
    ?
Complete MFA (if enabled)
    ?
Review app permissions
    ?
Click "Accept"
    ?
Redirect back to Workestra
    ?
Initial sync begins

If your organization requires admin consent, you'll see a message asking you to contact your IT administrator.

Reconnecting Expired Accounts

OAuth tokens expire periodically for security. When this happens:

  1. The account shows Expired status
  2. Click Reconnect
  3. Complete the OAuth flow again
  4. Service is restored

Some providers (like Google) require reconnection every 6 months. Set a calendar reminder to avoid interruptions.

Revoking Access

From Workestra

To disconnect an account:

  1. Find the account in Connected Accounts
  2. Click Disconnect or Revoke
  3. Confirm the action

What happens:

  • Connection is immediately severed
  • Data synced from the service remains
  • New data stops flowing

From the Provider

You can also revoke access from the provider's side:

Revoking from the provider side will cause errors in Workestra. We recommend disconnecting from Workestra first.

Connection Troubleshooting

"Connection Failed" Error

  1. Check that you're signed into the correct account
  2. Verify you granted all requested permissions
  3. Try incognito/private browser mode
  4. Clear cookies and try again

"Token Expired" Repeatedly

Some providers have short token lifetimes:

  • Reconnect the account
  • Check for provider-specific issues
  • Contact support if the issue persists

Your organization requires IT administrator approval:

  1. Contact your IT admin
  2. Ask them to approve "Workestra" app in Azure AD
  3. Alternatively, they can use the admin consent URL
  4. Retry connection after approval

Permissions Denied

If you denied permissions during OAuth:

  1. Disconnect the partial connection
  2. Reconnect and grant all requested permissions
  3. Some features won't work without full permissions

Security & Privacy

Data Access

Workestra only accesses the data necessary for the integration:

  • Email: Messages and metadata for Inbox sync
  • GitHub: Repository contents for documentation import
  • Calendar: Events for scheduling features

Data Storage

  • OAuth tokens are encrypted at rest (AES-256-GCM)
  • Tokens are never logged or exposed in the frontend
  • Data is stored only as long as the connection is active

Token Security Details

AspectImplementation
Encryption AlgorithmAES-256-GCM
Key ManagementEnvironment-based, rotated regularly
Token RefreshAutomatic before expiry
Failed RefreshAuto-deactivate after 10 failures
Cookie SecurityhttpOnly, Secure, SameSite=Lax

Third-Party Access

Workestra does not:

  • Sell your data to third parties
  • Use your data for advertising
  • Train AI models on your private data

Next Steps

Billing & Subscription

Manage your workspace subscription, view invoices, and handle payment methods.

Data & Privacy

GDPR data export, data deletion requests, retention policies, and audit logs.

On this page

Connected AccountsManaging ConnectionsConnection ListSupported IntegrationsEmailGmailOutlook / Microsoft 365Developer ToolsGitHubCalendarGoogle CalendarAutomationZapierFinanceStripeBankingMonitoringSentryOther AI ProvidersOpenAIConnecting a New AccountStep-by-StepOAuth FlowMicrosoft 365 Connection FlowReconnecting Expired AccountsRevoking AccessFrom WorkestraFrom the ProviderConnection Troubleshooting"Connection Failed" Error"Token Expired" Repeatedly"Admin Consent Required" (Microsoft 365)Permissions DeniedSecurity & PrivacyData AccessData StorageToken Security DetailsThird-Party AccessNext Steps