Vercel Connect launches to give agents scoped, short-lived service tokens
Vercel Connect is a new Public Beta feature that lets apps and agents access external services like Slack, GitHub, and Salesforce using scoped, short-lived tokens instead of stored long-lived secrets.
Score breakdown
Vercel Connect removes the need for agents and apps to hold long-lived provider secrets, replacing them with runtime-issued, scoped tokens that can be instantly revoked — directly addressing the credential-leakage and over-permissioning risks common in agentic workflows.
- 01Vercel Connect is now available in Public Beta, accessible from the Vercel dashboard or CLI.
- 02Apps and agents request scoped, short-lived tokens at runtime; the SDK fetches and refreshes them automatically — no secrets to store or rotate.
- 03Token granularity is provider-dependent; a GitHub token can be limited to a single repository with read-only access.
Vercel Connect is a new Public Beta product that eliminates the need to store long-lived provider secrets by issuing scoped, short-lived tokens at runtime. Developers register a connector once — via the dashboard or the Vercel CLI — and the SDK automatically fetches and refreshes tokens whenever the app or agent needs them. Token granularity depends on the provider: a GitHub token, for example, can be restricted to a single repository with read-only access rather than granting broad organizational access. Tokens can also be tied to a specific user's identity, so an agent inherits only that user's permissions. Connectors are scoped to specific environments (development, preview, production), meaning a leaked development token cannot be used against production. Revocation is available with a single command, either for individual tokens or all tokens a connector has issued.
Vercel Connect also supports inbound event triggers: with triggers enabled, the platform verifies incoming webhooks from providers and forwards them to up to three projects.
Vercel Connect also supports inbound event triggers: with triggers enabled, the platform verifies incoming webhooks from providers and forwards them to up to three projects. Trigger support for Slack, GitHub, and Linear is available in Beta. Dedicated connectors exist for Slack, GitHub, Linear, Discord, Notion, Salesforce, Figma, and Snowflake, plus generic OAuth and API key connectors; additional services including MCP servers can be configured via the CLI. The product ships adapters for Better Auth, Auth.js, the AI SDK, and MCP clients. Pricing is based on token requests: Hobby plans include 5,000 per month at no additional cost, and Pro and Enterprise plans are billed at $3 per 10,000 token requests. A `vercel-connect` skill can be installed via `npx skills add vercel/vercel-plugin --skill vercel-connect` to let a coding agent handle setup.
Key facts
- 01Vercel Connect is now available in Public Beta, accessible from the Vercel dashboard or CLI.
- 02Apps and agents request scoped, short-lived tokens at runtime; the SDK fetches and refreshes them automatically — no secrets to store or rotate.
- 03Token granularity is provider-dependent; a GitHub token can be limited to a single repository with read-only access.
- 04Tokens can be tied to a specific user's identity, so an agent inherits only that user's permissions.
- 05Connectors are environment-scoped (development, preview, production), preventing a leaked dev token from being used in production.
- 06Triggers (in Beta) verify and forward incoming webhooks from Slack, GitHub, and Linear to up to three projects.
- 07Dedicated connectors are available for Slack, GitHub, Linear, Discord, Notion, Salesforce, Figma, and Snowflake; pricing is 5,000 token requests/month free on Hobby, then $3 per 10,000 on Pro and Enterprise.
Topics
Summary and scoring are generated automatically from the original article. We always link back to the publisher and never republish images or paywalled content. Last processed Jun 18, 2026 · 10:40 UTC. How this works →