// vanta agent · connections

Connect your tools. On a least-privilege leash.

Connections is the connector hub: link Vanta to Gmail, GitHub, Cloudflare, and Discord with a one-click OAuth flow. Every requested scope is rendered as a plain-language, least-privilege summary so you can see exactly what you're granting — and tokens are minted and stored in your OS keychain on the Rust side, never in the app.

Join the waitlistRead the docs
§ 01

One-click OAuth, least-privilege

Pick a provider and connect — bundled OAuth client defaults mean there's nothing to register. Vanta asks for the narrowest scopes it needs and shows each one in plain English: “Read your email”, “Create and change DNS records”, “Send messages”. You grant deliberately, not blindly.

connections
gmail Read your email linked
cloudflare Read + edit DNS records linked
github Repos · notifications linked
discord Send messages add →
§ 02

Secrets never touch the app

Access and refresh tokens and client secrets live only in your OS keychain, handled on the Rust side. The UI only ever sees a non-secret projection — provider, account label, granted scopes, timestamps. A bare token never crosses the boundary.

Note

Every connector call is written to an audit log you can read — what ran, when, and against which account.

// related
Routines

Describe a recurring task in plain language; confirm the schedule; set how much it may do on its own. Autonomous writes are opt-in, per routine.

Explore
Vanta Agent

Not orchestration — one agent across a few surfaces: chat, single-folder code, OAuth connectors to your tools, and scheduled routines. Local-first; it hosts the Vanta engine.

Explore
Chats

A general assistant with web search and fetch on, and the filesystem and shell denied. Ask anything; no code is touched here.

Explore

Stop supervising one agent.

Vanta Studio is launching soon. Join the waitlist and start directing a team.

Join the waitlistAll features