Extension manifest
Use manifest.json to describe your extension metadata, frame entrypoints, and optional OAuth providers.
Manifest schema
type ExtensionManifest = {
id: string;
listed: boolean;
metadata: {
version: number;
author: string;
name: string;
description: string;
icon: string;
verifiedDeveloper: boolean;
};
frames: {
navPanel?: {
path: string;
};
};
dev?: {
requireSSL?: boolean;
};
oauthProviders?: Record<
string,
{
authorization_url: string;
client_id: string;
scope: string;
access_type: string;
token_url: string;
}
>;
};
Complete example
{
"id": "my-extension",
"listed": true,
"metadata": {
"version": 1,
"author": "Your team",
"name": "My Extension",
"description": "Sync assets from external service",
"icon": "icon.svg",
"verifiedDeveloper": false
},
"frames": {
"navPanel": {
"path": "index.html"
}
},
"dev": {
"requireSSL": true
},
"oauthProviders": {
"myProvider": {
"authorization_url": "https://provider.example.com/oauth2/authorize",
"client_id": "client-id-from-provider",
"scope": "assets.read assets.write",
"access_type": "offline",
"token_url": "https://provider.example.com/oauth2/token"
}
}
}
Field notes
id: stable unique extension identifier.frames.navPanel.path: HTML entrypoint loaded in the extension panel.oauthProviders: keyed by provider name used inkittl.authcalls.dev.requireSSL: useful for providers that require secure origins during OAuth.