> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pentagon.run/llms.txt
> Use this file to discover all available pages before exploring further.

# Connecting Apps

> Wire Gmail, Slack, GitHub, Linear, and 200+ other apps into your workspace so agents can use them

# Connecting Apps

Agents become useful when they can reach the tools you already work in — your inbox, your tracker, your repo, your docs. Pentagon connects to 200+ apps through OAuth so your agents can read, write, and act inside them with the same permissions as a teammate.

Connections live at the **workspace** level. Once you connect an app, anyone in your organization can assign it to an agent.

## Connecting an app during setup

The first time you set up a workspace, Pentagon walks you through a **Connectors** step:

* **Popular** — a grid of the most-used apps (Slack, Google Drive, Gmail, Notion, GitHub, Linear)
* **Search** — start typing the name of any other app (Asana, Salesforce, HubSpot, Jira, etc.) to find it in the full catalog

Click any app tile to connect it. Your default browser opens to the app's OAuth screen, you sign in and approve permissions, and the tile flips to **connected** when you return to Pentagon. You can connect as many or as few as you want — none are required to continue.

<Tip>
  You can skip the Connectors step entirely and come back later. Apps you don't connect now still appear in the agent setup rail, ready to OAuth into.
</Tip>

## Connecting an app later

You don't have to set everything up upfront. Inside any **Create Agent** flow, the **Apps** drawer in the right rail offers the same connect path:

1. Open Create Agent (`+` on the canvas or in the sidebar)
2. Expand **Apps** in the right rail
3. Search for the app you want, or pick from the popular list
4. Click the tile — OAuth opens in your browser
5. Approve, return to Pentagon, and the app shows as connected

The same flow works for editing an existing agent — open the agent's **Settings** tab and the Apps drawer behaves identically.

## Two layers: connected vs. assigned

This trips people up at first, so it's worth being explicit:

| Layer         | What it means                                                   | Where it's set                                |
| ------------- | --------------------------------------------------------------- | --------------------------------------------- |
| **Connected** | You've OAuthed into the app — your workspace has a valid token. | Connectors step or any Apps drawer. Org-wide. |
| **Assigned**  | A specific agent is allowed to use the app on your behalf.      | The agent's Apps drawer (a checkbox per app). |

An agent only gets to use an app when **both** are true — your account is connected, and you've ticked that app for that agent. This lets a Sales agent have Salesforce while a Support agent has Zendesk, even though both accounts live in the same workspace.

## What agents do with a connection

Once an app is assigned to an agent, the agent can call its tools the same way it calls any other tool — Pentagon translates the request, sends it through the connector, and brings the result back into the conversation.

For example:

* A connected **Gmail** lets the agent read, search, draft, and send email on your account
* A connected **Linear** lets the agent create, update, comment on, and close issues
* A connected **GitHub** lets the agent open PRs, leave reviews, and manage issues

You don't have to teach the agent what the app does — it knows the tool catalog and picks the right call.

## If an OAuth attempt fails

If you close the browser tab mid-flow, deny permission, or get a timeout, Pentagon shows a "Couldn't finish \[app] connection. Please try again." message next to the tile. Click the tile again to restart the OAuth flow — no other cleanup needed.

## Org-wide, not per-user

App connections are scoped to your **organization**, not to your personal account. That means:

* A teammate who joins your org sees the apps you've already connected
* Anyone in the org can assign a connected app to an agent
* If you leave the org, your OAuth tokens go with you — the org can reconnect under another teammate's account

This is intentional — your agents should be able to use the same tools your team does, not require every teammate to OAuth in separately.

<Card title="Next: Skills Library" icon="book-open" href="/agents/skills">
  Teach agents how to do specific jobs with reusable skill documents.
</Card>
