Guides and Tutorials/Outbound apps

Example Tools using Outbound Apps

Here are examples of how backend services can use Descope Outbound Apps to retrieve user-specific tokens for third-party platforms like Salesforce, HubSpot, and Google Calendar.

Each example assumes the user has already connected via the /outbound/oauth/connect flow.

🔗 Salesforce Opportunities Tool

Use Descope Outbound Apps to fetch Salesforce access tokens, then query opportunities from the Salesforce API.

const { accessToken } = await descope.getOutboundToken({
  appId: "salesforce",
  userId: "user-123",
  scopes: ["full"]
});
 
const instanceUrl = process.env.SALESFORCE_INSTANCE_URL;
const query = `SELECT Id, Name, StageName, CloseDate FROM Opportunity LIMIT 5`;
const endpoint = `${instanceUrl}/services/data/v57.0/query/?q=${encodeURIComponent(query)}`;
 
const response = await fetch(endpoint, {
  headers: { 'Authorization': `Bearer ${accessToken}` }
});
const data = await response.json();

📅 Google Calendar Events Tool

Fetch a user's calendar events with Descope-managed tokens:

const { accessToken } = await descope.getOutboundToken({
  appId: "google-calendar",
  userId: "<Descope User ID (sub claim in access token)>",
  scopes: ["https://www.googleapis.com/auth/calendar"]
});
 
const now = new Date().toISOString();
const url = `https://www.googleapis.com/calendar/v3/calendars/primary/events?timeMin=${now}&maxResults=5&orderBy=startTime&singleEvents=true`;
 
const response = await fetch(url, {
  headers: { 'Authorization': `Bearer ${accessToken}` }
});
const events = await response.json();

📇 HubSpot Contacts Tool

Use the Outbound App token to get CRM contact records from HubSpot:

const { accessToken } = await descope.getOutboundToken({
  appId: "hubspot",
  userId: "user-123",
  scopes: ["contacts"]
});
 
const url = `https://api.hubapi.com/crm/v3/objects/contacts?limit=10`;
 
const response = await fetch(url, {
  headers: {
    'Authorization': `Bearer ${accessToken}`,
    'Content-Type': 'application/json'
  }
});
const contacts = await response.json();

Notes

  • Each tool uses descope.getOutboundToken() to securely retrieve a token for the connected provider.
  • Make sure your app calls /outbound/oauth/connect first to allow the user to approve scopes.
  • Tokens are securely stored, auto-refreshed, and scoped by user and app.

Coming soon: More examples for platforms like Slack, Notion, Zoom, and GitHub!

Was this helpful?

Outbound Apps

Discover how Descope's Outbound Apps enable seamless integration with third-party platforms, enhancing user experiences with additional OAuth consents.

Outbound Consent Flows

Learn how to implement and customize third-party consent flows using Descope for your outbound applications.

On this page