Plugins
How to create and manage plugins — named service integrations with a base URL, auth methods, and tools. Now open to all users with an approval workflow.
What is a Plugin?
A plugin represents a single external service (e.g. Gmail, Stripe, Slack). It has:
- Slug — unique identifier, lowercase with hyphens/underscores (e.g.
gmail,stripe) - Name — human-readable display name
- Base URL — the API root (e.g.
https://api.stripe.com). Optional for MCP-only plugins. - Description — what the service does
- Icon URL — optional icon for the dashboard
- Plugin Prompt — optional text injected into LLM context when this plugin's tools are used
- Status —
active,beta, ordeprecated - Categories — tags for organization (e.g. Messaging, Payments)
- Tool Source —
manual(default),mcp, orboth. Controls where tools come from. - MCP Config — optional MCP server configuration (server URL, client ID, OAuth metadata)
Submission & Approval Workflow
All new plugins go through a review workflow before becoming live:
Create → Draft → Submit for Review → Pending Review → Approved (Live)
→ Declined / Revision Requested → Edit → Resubmit| Status | Meaning |
|---|---|
draft | Work in progress. Creator can add tools, auth methods, and edit freely. |
pending_review | Submitted for admin review. Editing is locked. |
approved | Live — visible in the public SDK/API. |
declined | Admin rejected the submission with feedback. Creator can edit and resubmit. |
revision_requested | Admin asked for changes with feedback. Creator can edit and resubmit. |
Both developers and admins create plugins through the same flow. Even admin-created plugins start as draft and must be approved (by any admin) before going live.
Creating a Plugin
Manual Plugin
- Go to Plugins (admin) or Submissions (developer) → New Plugin / New Submission
- Fill in the name (slug is auto-generated from name)
- Set the base URL to the external API root
- Optionally add description, icon, status, and categories
- Click Create
After creation, the plugin starts in draft status. Open the plugin detail page to add auth methods and tools, then submit for review.
MCP Plugin
- Go to Plugins or Submissions → New Plugin / New Submission
- Fill in the name
- Enter the MCP Server URL (e.g.
https://mcp.notion.com/mcp) - Click Discover — NIN fetches OAuth metadata, handles provider-specific discovery fallbacks, and registers as a client when supported
- Set Tool Source to
mcp(orbothif you also plan manual tools) - Click Create
NIN stores the discovered MCP configuration including the server URL, auth type, OAuth endpoints, and registered client ID when needed. Public MCP servers can be stored with authType: "none".
Plugin Detail Page
The plugin detail page shows a review status banner at the top with contextual actions:
- Draft — yellow banner with a “Submit for Review” button
- Pending Review — blue banner. Editing is locked for the creator; admins see approve/decline/request-revision controls
- Declined / Revision Requested — red/orange banner showing admin feedback with a “Resubmit” button
- Approved — green badge confirming the plugin is live
The page also shows the creator (name and email) below the plugin slug.
Below the banner, the page has three tabs:
Settings Tab
Edit name, slug, description, base URL, icon URL, status, plugin prompt, category assignments, tool source, and MCP server configuration. Changes are saved via the Save button.
The Tool Source selector controls which tools are exposed to agents:
- Manual — only hand-defined tools (classic behavior)
- MCP — only tools auto-discovered from the MCP server
- Both — manual and MCP tools together
The MCP Server section (visible when an MCP server is configured) displays the server URL, transport type, authentication type, and registered client ID. For public servers it shows a no-auth state instead of asking for OAuth credentials.
Auth Methods Tab
Add, edit, and delete auth methods for this plugin. See Auth System for details on supported types and configuration.
For MCP-enabled plugins, the MCP OAuth configuration is stored separately in mcpConfig and does not appear as a traditional auth method in this tab. For toolSource: "mcp", the hosted connect page hides manual auth methods completely.
Tools Tab
Shows both MCP tools (auto-discovered, read-only) and manual tools (editable) depending on the toolSource setting:
- MCP Tools section — read-only list of tools discovered from the MCP server, with a Sync Tools button to re-fetch
- Manual Tools section — editable tools you define (add/edit/delete)
- Each tool shows an expandable description and a Schema button to inspect the full JSON input schema
See Tools for the tool configuration reference.
Plugin List (Admin)
The admin Plugins page shows all plugins across the platform with three filter subtabs:
| Tab | Shows |
|---|---|
| All | Every plugin on the platform |
| Admin | Plugins created by admins (and legacy plugins with no creator) |
| Developer | Plugins submitted by developers |
Each tab shows a count badge. Each plugin card displays:
- Review status badge — Draft, Pending, Live, Declined, or Revision
- Status badge —
active,beta, ordeprecated - Tool count — sum of manual tools + MCP cached tools
- Auth count — number of auth methods + MCP auth (if configured)
- Creator — name or email of the user who created the plugin
API Endpoints
| Method | Path | Description |
|---|---|---|
GET | /api/dashboard/plugins | List plugins (admins see all, developers see own) |
POST | /api/dashboard/plugins | Create a new plugin (any authenticated user, starts as draft) |
GET | /api/dashboard/plugins/[pluginId] | Get plugin detail with auth methods, tools, MCP tools, and creator info |
PUT | /api/dashboard/plugins/[pluginId] | Update plugin (creator can edit in draft/declined/revision states, admins can edit any) |
DELETE | /api/dashboard/plugins/[pluginId] | Delete plugin (creator or admin) |
POST | /api/dashboard/plugins/[pluginId]/review | Admin review action: approve, decline, or request revision |
POST | /api/dashboard/plugins/[pluginId]/mcp-sync | Trigger manual MCP tool sync (creator or admin) |
POST | /api/dashboard/plugins/mcp-discover | Discover MCP server metadata from a URL (any authenticated user) |
Plugin endpoints use creator-or-admin authorization — the plugin creator and any admin can access a specific plugin. Review actions are admin-only.