Plane apps are currently in Beta. Please send any feedback to support@plane.so.
Introduction
Plane apps seamlessly integrate tools and services with Plane so you can use them without ever leaving your Workspace. Apps are conveniently available from our marketplace, helping you stay focused and productive.Why Build a Plane App?
Stop doing manual work. Plane integrations eliminate repetitive tasks like copying updates between tools, creating work items from support tickets, and generating status reports. Instead of spending hours on administrative work, let your app handle it automatically. Connect everything you already use. Your team probably uses dozens of different tools. Plane apps create a unified workflow by connecting your favorite CRM, time tracking app, CI/CD pipelines, communication tools, and more, together into Plane. One change in Plane can trigger updates across your entire tech stack. Build exactly what you need. Unlike rigid SaaS platforms, Plane’s open core nature means you can create integrations that fit your specific workflow.Prerequisites
- A Plane workspace
- Admin access to your workspace settings
- Familiarity with OAuth 2.0 concepts (authorization code flow)
- A backend server to handle OAuth token exchange
High-Level Workflow
- Register your app on Plane developer portal
- Implement OAuth flow
- Obtain and store access tokens securely
- Make authenticated API requests to Plane
- Handle token refresh
Registering Your App
To build an OAuth application with Plane:-
Navigate to
https://app.plane.so/<workspace_slug>/settings/integrations/
. - Click on the Build your own button.
-
Fill out the form with the required details:
- Setup URL: Provide the URL that users will be redirected to when they click “Install” from the marketplace or from the app listing. This URL should initiate the OAuth flow for your application.
- Redirect URIs: Provide the URIs where Plane will send the authorization code after the user consents to the app.
- Webhook URL Endpoint(Optional): Your service’s webhook endpoint. Plane will send an HTTP
POST
request to this endpoint upon every change to the workspace in which your app was installed. - Contact Details: Add your email or other contact information.
- Organization Details(Optional): Optionally include your contact email, privacy policy URL, terms of service URL, and any other relevant information. This helps Plane validate and approve your application should you choose to list in the marketplace.
- If you’re building an agent (with or without using Plane’s ADK) capable of performing operations when assigned or mentioned, enable the Enable App Mentions checkbox during app creation.
- Once the app is created, securely store the generated Client ID and Client Secret. You will need these credentials to interact with Plane’s API during the OAuth flow and for making authenticated API requests.
Implement OAuth Flow
Generating Consent URL (Optional)
This step is optional. This is needed only if the app should be installed from outside Plane’s environment, the developer needs to generate the consent URL using the client ID generated during their app creation flow. If this flow needs to be triggered from Plane marketplace as well, then provide the URL in “Setup URL” field on application create screen to redirect the user from marketplace on clicking “Install App” button. Below are sample implementations:- Python
- TypeScript
- User-authorized actions: Actions performed on behalf of a user after they grant permission to your app via OAuth.
- App-authorized actions: Actions that the app can perform independently within the workspace where it is installed (such as responding to webhooks or automation triggers).
App-Authorized Actions (Client Credentials Flow)
When the app is installed, Plane will send both acode
and an app_installation_id
as part of the callback to the Redirect URI provided during consent URL generation. You can use this app_installation_id
to request a bot token for your app.
Plane will make a GET request to the Redirect URI with below parameters:
Parameter | Description |
---|---|
code | Authorization code (present but not used for client credentials flow) |
app_installation_id | The unique identifier for the app installation in the workspace |
Examples
- Python
- TypeScript
User-Authorized Actions (Authorization Code Flow)
In this flow, your app exchanges thecode
received as a query parameter on the callback (to your Redirect URI) for an access token and refresh token. The access token is short-lived and must be refreshed using the refresh token when it expires. Both tokens should be securely stored.
Plane will make a GET request to the Redirect URI with below parameters:
Parameter | Description | Required |
---|---|---|
code | The authorization code that can be exchanged for an access token | Yes |
state | The state parameter that was passed in the authorization request | No |
Examples
- Python
- TypeScript
Fetching App Installation Details
In both user-authorized and app-authorized flows, theapp_installation_id
identifies the app’s installation within a specific workspace. It is recommended that developers fetch workspace details after OAuth is successfully completed. Plane provides an app-installation
endpoint that works with both types of tokens.
Examples
- Python
- TypeScript
Sample Response
The app installation endpoint returns an array of installation objects. Typically, you’ll want to use the first element[0]
:
app_bot
: The bot user ID that represents your app in the workspaceworkspace_detail.slug
: The workspace slug needed for API callsworkspace
: The workspace ID for identifying the workspacestatus
: Should be “installed” for active installations
Webhook Payload Structure
When Plane sends webhooks to your application, the payload contains information about the event that occurred. Understanding this structure is crucial for processing webhooks effectively.General Webhook Structure
All webhooks follow this general structure:Common Event Types
Issue Comment Events
When someone comments on an issue:Issue Events
When an issue is created, updated, or deleted:Processing Webhooks
Here’s how to process webhooks in your application:- TypeScript
- Python
Obtain and store access tokens securely
Once you have obtained the access token, you can use it to make authenticated API requests to Plane. Store the access token and refresh token securely in your database.Make authenticated API requests to Plane
For making authenticated API requests to Plane, you can use the access token obtained from the OAuth flow. API reference is available at https://docs.plane.so/api-reference. We have official SDKs for the following languages to simplify the OAuth flow and make it easier to call Plane’s API.Language | Package Link | Source Code |
---|---|---|
Node.js | npm i @makeplane/plane-node-sdk | plane-node-sdk |
Python | pip install plane-sdk | plane-python-sdk |
Handle Token Refresh
Token refresh works differently depending on the type of token you’re using:Bot Token Refresh (Client Credentials Flow)
Bot tokens obtained through the client credentials flow don’t use refresh tokens. Instead, when a bot token expires, you simply request a new one using the sameapp_installation_id
:
- Python
- TypeScript
User Token Refresh (Authorization Code Flow)
When user access tokens expire, you can use the refresh token to get a new access token:Examples
- Python
- TypeScript