Discord
Add Discord bots and authorize users with OAuth2 for guilds and identity access.
Auth Model
Installation + User OAuth
Dual-credential model. An App is first installed into an organization or workspace (yielding an installation credential), then individual users authorize within that installation context (yielding user credentials). Authpipe manages both lifecycles.
Connection Flow
// Get the bot/app token (installation-level) const { credential: botToken } = await authpipe.getCredential({ provider: 'discord', tenantId: 'org_acme', credentialFor: 'installation', }); // Get a user-level token const { credential } = await authpipe.getCredential({ provider: 'discord', tenantId: 'org_acme', userId: 'user_123', credentialFor: 'user', });
// Both credentials are always valid — Authpipe handles refresh // Install the App into a workspace <InstallButton provider="discord" onInstall={(inst) => console.log('Installed!', inst)} />
Available Scopes
Permissions you can request when connecting to Discord.
bot Add a bot user to a guild
applications.commands Register slash commands for the application
applications.commands.update Update existing slash commands for the application
webhook.incoming Create a webhook that posts messages to a channel
identify Access the user's username, avatar, discriminator, and public flags
email Access the user's email address
guilds View the guilds the user belongs to
guilds.join Add the user to a guild (requires bot with CREATE_INSTANT_INVITE)
guilds.members.read Read the user's member info in guilds
connections View the user's third-party connected accounts
messages.read Read messages in channels where the bot is present
gdm.join Join the user to a group direct message
role_connections.write Update a user's role connection metadata
What Authpipe handles for Discord
OAuth Orchestration
PKCE, state validation, callback handling, and provider-specific quirks — all automatic.
Encrypted Vault
AES-256-GCM encryption with per-tenant key isolation. OAuth tokens, API keys, and webhook secrets — never exposed to the frontend.
Silent Refresh
Proactive token refresh before expiry. SDK returns from local cache with zero latency.
Health Monitoring
Scheduled checks detect revoked tokens and expired credentials before users notice.
More Communication providers
Aircall
Manage calls, contacts, and phone system settings through Aircall's OAuth integration.
ClickSend
Send SMS, email, voice, fax, and postal mail through the ClickSend platform.
Dialpad
Integrate Dialpad phone, messaging, and contact center capabilities via OAuth.
Drift
Access conversations, contacts, and messaging features through Drift's OAuth integration.
Ready to connect Discord?
Get your first 100 connections free. Set up in minutes with our SDK.