Nexte
FeaturesTestimonialsRoadmapDocs

Create my workspace

Overview

14 connectors grouped by use case, OAuth scopes, and security.

Nexte ships 14 integrations covering most tools used by freelancers and small agencies. Each uses official standards (OAuth 2.0, public APIs) and works read + write per your permissions. No data goes through third-party servers.

Categories

  • Communication — Gmail, Outlook: send emails from your domain, bidirectional inbox sync.
  • Project — GitHub, Figma, Notion, Google Drive, Slack: resources tied to each project in Centrale.
  • CRM — HubSpot, Pipedrive, Monday: bidirectional contacts and deals sync.
  • Payments — Stripe, PayPal, GoCardless: multi-method online collection.
  • Accounting — Pennylane: continuous auto-export of invoices and payments.

Requirements

Most integrations use OAuth: just have an active account at the provider and click `Activate`. A few (PayPal, Pennylane) require an API key or business email entered manually.

OAuth scopes explained

Nexte only requests scopes strictly needed per feature — never more. Here are the main ones.

  • Gmail: `gmail.send` (send) + `gmail.modify` (read only threads with your CRM contacts). Never full inbox access.
  • Outlook: `Mail.Send` + `Mail.ReadWrite` scoped to your CRM contacts.
  • GitHub: `repo:read` + `metadata:read` on the repos you select. No push access.
  • Figma: `files:read` on the files added to your Nexte projects.
  • Notion: permissions scoped to the pages/databases you pick at authorization time.
  • HubSpot / Pipedrive / Monday: `crm.read` + `crm.write` for bidirectional sync.

Revoke access

Two ways to cut an integration: from Nexte (local token deleted) or from the provider (Google, Microsoft, GitHub…). Both methods work. Either way, already-synced data in Nexte stays accessible but no future exchanges happen.

Security and compliance

  • Tokens: stored encrypted (AES-256) in Supabase Vault, inaccessible even to Nexte admins.
  • Rotation: automatic refresh before expiry to avoid outages.
  • Audit: every API call is logged with timestamp, user, action (viewable 90 days).
  • GDPR: every cited subprocessor (Google, Microsoft, Stripe…) has signed required DPAs.
  • No data selling: Nexte NEVER sells your client data, nor trains AI on it.