Connections

Customer-owned provider accounts

Launchpad never asks for provider passwords. V1 connects GitHub, Vercel, and Supabase through minimum-scope OAuth or integration flows authorized by the customer. Mock mode stays available for testing workflows without spending provider resources.

Add ?workspaceId=... to view persisted connection status from the control-plane DB.

Ownership promise

Your code, hosting, database, auth, and app live in your accounts.

Token storage

Launchpad stores encrypted token references and non-secret metadata, not provider passwords or plaintext keys.

Safety gate

Live provisioning is blocked unless a customer-owned connection has the required scopes.

Mock readyCustomer-owned

Code home

GitHub

Where your app's code lives.

Why customer-owned?

Repos should be created in the customer's GitHub account or org so they own the code.

Connection method

GitHub App or OAuth flow with repo/template/content permissions.

Required scopes

repo:createrepo:contents:writerepo:metadata:read

Do not use a shared AppAssist GitHub PAT to create all customer repos.

Mock readyCustomer-owned

Hosting

Vercel

Where your app runs on the internet.

Why customer-owned?

Projects and deployments should live in the customer's Vercel account or team.

Connection method

Vercel integration/API flow authorized by the customer.

Required scopes

project:createproject:env:writedeployment:readdeployment:create

Do not use one shared AppAssist Vercel token to host customer apps.

Mock readyCustomer-owned

Database and login

Supabase

Where your app stores data and handles sign-in.

Why customer-owned?

The database and auth project should belong to the customer, with credentials vaulted per workspace.

Connection method

Supabase OAuth/Management API or approved token flow.

Required scopes

project:createproject:readdatabase:migrations:writeauth:config:write

Do not use a shared AppAssist Supabase service key as the owner for all customer databases.