Skip to Content
HomeAuthorizationAuthorized Tool Calling

Authorized Tool Calling

Arcade provides an authorization system that handles OAuth 2.0, , and user tokens needed by AI to access external services through . This means your AI agents can now act on behalf of securely and privately.

With Arcade, developers can now create that can as as the end of their application to perform tasks like:

  • Creating a new Zoom meeting
  • Sending or reading email
  • Answering questions about files in Google Drive.

Arcade also allows for actions (tools) to be authorized directly. For example, to access a user’s Gmail , you can utilize the following guide.

Initialize the client

Import the in a Python/Javascript script. The client automatically finds set by arcade login.

Python
from arcadepy import Arcade
 
client = Arcade() # Automatically finds the `ARCADE_API_KEY` env variable

Authorize a tool directly

Many require authorization. For example, the Gmail.ListEmails tool requires authorization with Google.

This authorization must be approved by the user. By approving, the user allows your or app to access only the data they’ve approved.

Python
# As the developer, you must identify the user you're authorizing
# and pass a unique identifier for them (e.g. an email or user ID) to Arcade:
USER_ID = "{arcade_user_id}"
 
# Request access to the user's Gmail account
auth_response = client.tools.authorize(
  tool_name="Gmail.ListEmails",
  user_id=USER_ID,
)
 
if auth_response.status != "completed":
    print(f"Click this link to authorize: {auth_response.url}")

This will print a URL that the must visit to approve the authorization.

Check for authorization status

You can wait for the authorization to complete using the following methods:

Python
client.auth.wait_for_completion(auth_response)

Call the tool with authorization

Once the user has approved the action, you can run the . You only need to pass the user_id:

Python
emails_response = client.tools.execute(
    tool_name="Gmail.ListEmails",
    user_id=USER_ID,
)
print(emails_response)

Arcade remembers the user’s authorization tokens, so you don’t have to! Next time the user runs the same , they won’t have to go through the authorization process again until the auth expires or is revoked.

How it works

When you call a with client.tools.execute(), Arcade:

  1. Checks for authorization.
  2. Routes the request to the ’s provider.
  3. Returns the ’s response.

With client.tools.authorize(), you can also authorize for later use.

These APIs give you programmatic control over calling.

Next steps

Arcade also allows you to build your own tools to integrate any custom functionality or API to your or AI workflows.

Your can use the service providers supported by Arcade or you can integrate with any OAuth2-compatible service.

Last updated on
How Arcade HelpsChecking Authorization Status