🎩 You're Invited:Meet the Socket team at Black Hat in Las Vegas, August 3-6.RSVP
Sign In

@useparagon/ocs

Package Overview
Dependencies
Maintainers
27
Versions
2
Alerts
File Explorer

Advanced tools

Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install
Package was removed
Sorry, it seems this package was removed from the registry

@useparagon/ocs

Open Connector Specification — declarative YAML contracts for integration connectors.

latest
npmnpm
Version
0.0.1-experimental.1
Version published
Maintainers
27
Created
Source

Open Connector Specification (OCS)

Declarative YAML contracts for defining integration connectors at Paragon.

Prerequisites

Before using the OCS CLI, make sure you have the following installed:

  • Node.js >= 18
  • npm >= 9

Installation

git clone https://github.com/useparagon/ocs.git
cd ocs
npm install
npm run build

After building, the ocs CLI is available via npx ocs from within the project.

The ocs CLI depends on @useparagon/ocs-core. For local development across repositories, use npm link:

# In ocs-core repo:
cd ../ocs-core
npm link

# In ocs repo:
cd ../ocs
npm link @useparagon/ocs-core

This creates a symlink so changes in ocs-core are immediately available in the CLI without re-publishing.

Setup

1. Configure environment

Create a .env file in the project root to configure the registry endpoint:

# Registry API URL — where connector metadata and packages are stored
OCS_REGISTRY_URL=http://localhost:3456

2. Start the registry API (local development)

The registry API is a separate service that stores connector metadata and YAML packages. See the ocs-registry repo:

cd ../ocs-registry
npm install
npm run docker:up          # Starts Postgres + registry API
curl http://localhost:3456/health

End-to-End Workflow

1. Scaffold a new connector

npx ocs init ./connectors --id slack --title "Slack" --auth oauth2

2. Add resources

npx ocs new action get-users --dir ./connectors/slack
npx ocs new entity user --dir ./connectors/slack
npx ocs new trigger message-posted --dir ./connectors/slack
npx ocs new pipeline sync-contacts --dir ./connectors/slack

3. Validate

npx ocs validate ./connectors/slack

4. Publish to registry

The version is read from connector.yaml (metadata.version or the semver in apiVersion).

npx ocs push ./connectors/slack

This does three things:

  • Packages the connector YAML into a .tgz archive
  • Computes a SHA256 checksum for integrity verification
  • Uploads the package and registers the version in the catalog API

5. Browse the catalog

npx ocs list                    # List all connectors
npx ocs list slack              # List all versions of slack
npx ocs search crm              # Search by name

6. Pull a published connector

npx ocs pull slack@1.0.0

CLI Commands — Full Reference

ocs init

Scaffold a new connector directory with starter files.

ocs init [dir] [--id <id>] [--title <name>] [--auth <type>]
OptionDescriptionDefault
dirTarget directory.
--id <id>Connector identifier (kebab-case)directory name
--title <name>Display nametitle-cased id
--auth <type>Auth type: apikey, basic, bearer, oauth2, oauth2-client-credentials, oauth2-ropcapikey
npx ocs init ./connectors --id github --title "GitHub" --auth oauth2
npx ocs init ./connectors --id stripe --auth bearer

ocs new

Scaffold a new resource file inside a connector.

ocs new <resource> <name> [--dir <path>]
ResourceWhat it creates
connectorConnector directory (alias for ocs init)
actionAction (HttpRequest)
triggerTrigger (webhook)
pipelinePipeline (ManagedSync)
entityEntity with starter schema
npx ocs new action get-users --dir ./connectors/slack
npx ocs new trigger order-created --dir ./connectors/shopify
npx ocs new entity invoice
npx ocs new pipeline sync-contacts

ocs validate

Run schema + semantic validation on OCS YAML files.

ocs validate <path...>

Performs two validation layers:

  • Layer A (Schema) — JSONata-based rules checking structural correctness
  • Layer B (Semantic) — Cross-resource reference checks, scopes, consistency
npx ocs validate                                  # Validate current directory
npx ocs validate ./connectors/slack               # Validate a specific connector
npx ocs validate actions/ entities/               # Validate specific directories

ocs doctor

Summarize connector resources, then run full validation.

ocs doctor <path...>
npx ocs doctor ./connectors/slack

ocs explain

Print a human-readable field reference for any OCS resource or concept.

ocs explain <topic>
TopicDescription
connectorIdentity, capabilities, rate limits
authentication (or auth)OAuth2, API Key, Bearer, etc.
actionHTTP actions (single and chained)
triggerWebhook and polling event sources
pipeline (or sync-config, mapping)ManagedSync and MultiStep data flows
entityTyped data models
input (or inputs, fields)Input field types, referencing, and display
outputOutput mapping (entity, direct, plugin)
paginationPagination types and configuration
errorsError handling
npx ocs explain action
npx ocs explain pagination
npx ocs explain input

ocs schema

Inspect OCS resource kind validation rules.

ocs schema list                     # List all resource kinds
ocs schema show <kind>              # Show rules for a kind
npx ocs schema list
npx ocs schema show Action
npx ocs schema show Connector

ocs operators

Inspect the global operator set.

ocs operators list                  # List all operators
ocs operators show <id>             # Show operator details
npx ocs operators list
npx ocs operators show '$StringContains'

ocs push

Package connector YAML and publish to the registry.

ocs push [path] [options]
OptionDescriptionDefault
pathConnector directory.
-r, --registry <url>Registry API URL$OCS_REGISTRY_URL or http://localhost:3456
--published-by <actor>Publisher identity$USER
--no-validateSkip validation before pushing

The version is read from connector.yaml (metadata.version or the semver suffix in apiVersion).

npx ocs push ./connectors/slack
npx ocs push . --no-validate
npx ocs push ./connectors/github --published-by ci

ocs pull

Download connector files from the registry.

ocs pull <connector[@version]> [options]
OptionDescriptionDefault
-v, --version <version>Specific version to pulllatest
-r, --registry <url>Registry API URL$OCS_REGISTRY_URL
-o, --output <dir>Output directory.
npx ocs pull slack                              # Pull latest version
npx ocs pull salesforce@1.2.0                   # Pull specific version
npx ocs pull github -o ./connectors             # Pull into specific directory

ocs install

Pull and extract connector files into a local directory.

ocs install <connector[@version]> [options]
OptionDescriptionDefault
-v, --version <version>Specific version to installlatest
-r, --registry <url>Registry API URL$OCS_REGISTRY_URL
-d, --dir <path>Base connectors directory./connectors
npx ocs install slack
npx ocs install salesforce@1.2.0
npx ocs install hubspot@2.0.0 -d ./my-connectors

ocs list

List connectors or versions.

ocs list [connector-id] [options]
OptionDescriptionDefault
connector-idIf provided, lists all versions of this connector
--visibility <scope>Filter: paragon, customer, partner, community
--org <org-id>Filter by owner organization
--limit <n>Max results50
-r, --registry <url>Registry API URL$OCS_REGISTRY_URL
npx ocs list                                    # List all connectors
npx ocs list klaviyo                            # List all versions
npx ocs list --visibility community             # Filter by visibility
npx ocs list --org my-org --limit 20            # Filter by org

Search for connectors by name.

ocs search <query> [options]
OptionDescriptionDefault
--limit <n>Max results50
-r, --registry <url>Registry API URL$OCS_REGISTRY_URL
npx ocs search crm
npx ocs search slack

ocs verify

Verify a published connector version in the catalog.

ocs verify <connector[@version]> [options]
OptionDescriptionDefault
-r, --registry <url>Registry API URL$OCS_REGISTRY_URL
npx ocs verify slack@1.0.0
npx ocs verify salesforce

ocs login / ocs logout

Authenticate with the OCS registry (not yet implemented).

npx ocs login
npx ocs logout

Connector Directory Layout

<connector-id>/
  connector.yaml           # Identity, capabilities, rate limits
  auth/
    <scheme-id>.yaml       # Authentication scheme
  actions/
    <action-id>.yaml       # API operations
  entities/
    <entity-id>.yaml       # Typed data models
  triggers/
    <trigger-id>.yaml      # Webhook/polling event sources
  pipelines/
    <pipeline-id>.yaml     # Data flows (optional)
  plugins/
    <plugin-id>.yaml       # Custom logic (optional)
  filters/
    filter.yaml            # Operator mappings (optional)
    operator-set.yaml      # Custom operators (optional)

Resource Kinds

Each YAML file declares a kind and apiVersion:

KindapiVersion prefixPurpose
Connectorocs.useparagon.com/connector/Identity, capabilities, rate limits
Authenticationocs.useparagon.com/authentication/Auth scheme, scopes, verification
Actionocs.useparagon.com/action/API operation with input/output
Entityocs.useparagon.com/entity/Typed data model
Triggerocs.useparagon.com/trigger/Webhook or polling event source
Pipelineocs.useparagon.com/pipeline/Data flow (MultiStep or ManagedSync)
Pluginocs.useparagon.com/plugin/Custom function
TriggerPluginocs.useparagon.com/triggerPlugin/Shared webhook config
AuthPluginocs.useparagon.com/authPlugin/Base auth pattern (managed)
OperatorSetocs.useparagon.com/filter/Global filter operators (managed)
IntegrationFilterocs.useparagon.com/filter/Per-connector operator mappings

Connector Metadata

The connector.yaml metadata block supports the following fields:

FieldDescriptionRequired
metadata.idUnique connector identifier (kebab-case)Yes
metadata.nameDisplay nameNo
metadata.versionConnector version (semver)Recommended
metadata.authorOwner in @org/connector-id format (e.g. @useparagon/klaviyo)Recommended

Expression Syntax (JSONata)

OCS uses JSONata as its expression language:

ContextSyntaxExample
Input field$input.fieldbody: { name: $input.name }
Compound expression${{ expr }}path: ${{ '/contacts/' & $input.id }}
Template interpolation{{$ref}}path: "/contacts/{{$input.id}}"
Auth input$inputs.field$inputs.apiKey
Stored credential$stored.field$stored.accessToken
Auth endpoint$endpoints.field$endpoints.tokenUrl
API response$response.pathoutput: { id: $response.id }
Step reference$steps.{id}...$steps.step1.output.id
Plugin argument$args.name$args.secret
Plugin pipe output$pipe.index$pipe.0

Input Types

TypeDescription
TEXTString
NUMBERNumeric
BOOLEANTrue/false
ENUMSingle selection from options
MULTI_ENUMMultiple selections
DATEDate only
DATETIMEDate and time
JSONArbitrary JSON
FILEFile upload
SECRETSensitive value (masked)
URLURL string
TEXTAREAMulti-line text
CODECode block
CONDITIONALConditional field set

Development

npm install                    # Install dependencies
npm run build                  # Compile TypeScript
npm run typecheck              # Type check without emitting
npm test                       # Run Jest tests
npm run validate:examples      # Validate all example connectors

Repository Structure

src/
  cli.ts                       # CLI entry point
  commands/                    # Command implementations
  rules/                       # JSONata validation rules (Layer A)
  validator/                   # Semantic validation (Layer B)
platform/
  auth-plugins/                # Base auth patterns (ApiKey, OAuth2, etc.)
  operator-sets/               # Global filter operators
init-examples/                 # Starter templates used by ocs init
examples/
  connectors/                  # Reference connectors
  resources/                   # Per-kind standalone examples
docs/
  ocs-schema-reference.md      # Complete field-level schema reference
  platform-guide.md            # End-to-end platform walkthrough
PackagePurpose
@useparagon/ocsYAML spec + ocs CLI (this repo)
@useparagon/ocs-coreRuntime engine for executing YAML connectors
@useparagon/ocs-registryCatalog API, S3 package storage

License

ISC

Keywords

ocs

FAQs

Package last updated on 09 Apr 2026

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts