Sandbox Integrations
Approve provider connections and scoped leases for sandbox workflows.
Sandbox Integrations
Sandbox integrations let a workflow use external providers without giving the sandbox broad account access.
Templates can declare required integration leases. At launch time, OpenPond asks the organization user to approve the needed provider connection and scope.
Lease behavior
An integration lease is scoped to the sandbox workflow. It includes provider, scopes, capabilities, resource policy, and expiration. The sandbox receives proxy tokens for approved leases, not raw provider OAuth tokens.
Missing connections
If a required provider connection is missing, the launch flow should stop before running the template. Connect the provider, approve the requested scope, then launch again.
Runtime access
The platform resolves approved leases and injects only the runtime values required for the workflow. Persistent sandbox records keep lease metadata and refs, not raw provider credentials.
Good practice
- Request the smallest provider scope that can run the workflow.
- Prefer template-declared leases over asking users to paste credentials.
- Rotate or remove provider access when a workflow no longer needs it.