Skip to content
Ascend GTM Ops — Docs

Pipedream Connect as sanctioned gap-fill OAuth vendor

ADR-061 — Pipedream Connect as sanctioned gap-fill OAuth vendor

Status: Accepted (2026-05-20 — Ascend GTM live; Kahuna pending Mishaal consent) Date: 2026-05-19 Author: Mishaal Murawala Supersedes: ADR-060 (GTM CF Worker — Path C) Amends: ADR-058 (Composio Gap Resolution Policy) — adds Path D INVARIANTS-UNCHANGED — the 15 V5 gateway invariants are not modified. Invariant #5 (“Composio owns OAuth end-to-end”) is clarified below to read “for the SaaS surface Composio covers” — gap-fill via Pipedream is permitted under the same isolation guarantees (per-tenant external_user_id, no V5 KV writes).

Context

ADR-058 defined three paths when Composio doesn’t cover a needed toolkit:

  • Path A — PENDING-NATIVE (wait, low criticality)
  • Path B — SESSION-ONLY SDK (non-production)
  • Path C — Dedicated CF Worker (the production path)

ADR-060 applied Path C to Google Tag Manager: build a dedicated gtm-mcp CF Worker. PR #585 carried the plan-first doc.

The problem with Path C as the default: each missing toolkit (GTM, then TikTok Ads, Reddit Ads, X Ads, etc.) becomes a 1-week Worker build + ongoing maintenance (secret rotation, OAuth refresh logic, MCP framing, 5 IDE configs, capability_registry entries, monitoring). Engineering cost scales linearly with toolkit gaps. With Composio covering ~250 well-supported apps and the long tail of needed integrations sitting outside that set, Path C is an unsustainable default.

Pipedream Connect — researched 2026-05-19 (TinyFish fetch of pipedream.com/docs/pricing + checkthat.ai/brands/pipedream/pricing):

  • 2,700+ apps, including Google Tag Manager, TikTok Ads, Reddit Ads, and most long-tail SaaS.
  • Streamable HTTP MCP server included on Connect tier.
  • BYO OAuth client supported — Ascend keeps control of the Google Cloud project + consent screen for sensitive scopes.
  • Embedded multi-tenant modelexternal_user_id={client_slug}, same pattern as Composio’s user_id. 100 external users included on Connect; $2/user beyond.
  • Connect tier: $99/mo · 10,000 credits/mo · unlimited workflows · MCP + BYO OAuth.
  • 1 credit = 30s @ 256MB compute. GTM calls finish in <2s, so realistic burn ~3–8K credits/mo at projected Ascend load.

This changes the economics. $99/mo flat covers an arbitrarily growing toolkit surface versus N × (1-week Worker build + ongoing maintenance).

Decision

Add a fourth path — Path D — to the gap-resolution policy:

Path D — Pipedream Connect (sanctioned gap-fill OAuth vendor). For any toolkit Composio does not cover, default to Pipedream Connect via its Streamable HTTP MCP server. BYO OAuth client where the upstream API requires sensitive scopes or distinct consent screens (Google, Microsoft, Meta). Per-tenant isolation via external_user_id={client_slug}, matching the existing Composio multi-tenancy pattern.

Path C (CF Worker) is demoted to “use only when”:

  1. Pipedream does not cover the upstream API, OR
  2. The toolkit has constraints Pipedream cannot satisfy (latency-sensitive hot path, custom request signing not exposed by Pipedream, regulatory data-residency the vendor can’t guarantee).

Policy ordering (revised):

PriorityPathWhen
1ComposioToolkit is in Composio catalog.
2Pipedream ConnectToolkit not in Composio but in Pipedream’s 2,700+ catalog. Default for all SaaS gaps.
3Path A — PENDING-NATIVEToolkit absent from both; low criticality; file Composio GH feature request and wait ≤14 days.
4Path C — Dedicated CF WorkerToolkit absent from both AND criticality forces immediate access AND Path D ruled out.
5Path B — Session-only SDKDebugging only. Never production.

Vendor sanction

Amends .claude/CLAUDE.md — the existing rule “Don’t add external OAuth vendors” is rewritten:

OAuth vendor policy: Composio is the primary canonical OAuth SaaS layer. Pipedream Connect is the sanctioned secondary vendor for gap-fill only — toolkits Composio doesn’t cover. No third OAuth vendor without a new ADR. This is the only authorized expansion of the OAuth vendor list since ADR-057.

GTM-specific consequence

The gtm-mcp CF Worker proposed in ADR-060 is cancelled. GTM access ships via Pipedream Connect:

  1. Sign up for Pipedream Connect ($99/mo).
  2. Configure BYO Google OAuth client in Pipedream (4 GTM sensitive scopes).
  3. Run external_user_id=ascend connect flow → store connection ID in Infisical.
  4. Add pipedream MCP server to .mcp.json (Streamable HTTP, header auth).
  5. Capability index entry for GTM tools (Vectorize capability_index per ADR-042).
  6. Per-tenant onboarding: repeat the connect flow with external_user_id={client_slug} for each new client.

PR #585 (Path C plan) is closed; ADR-060 marked superseded.

Explicitly rejected alternatives

AlternativeRejection reason
Stay on Path C as defaultLinear engineering cost per gap. Unsustainable beyond ~3 toolkits.
Migrate fully off Composio to Pipedream9 active tenant connections already working on Composio. Re-wiring cost > value. Composio’s depth on covered toolkits (HubSpot, Salesforce, etc.) is mature. Re-evaluate later if Pipedream proves materially better head-to-head on a specific toolkit.
Zapier MCPLess control over OAuth client (no BYO for most apps), per-task pricing model harder to project, weaker MCP positioning than Pipedream.
Arcade.devSmaller app catalog, MCP support narrower than Pipedream Connect as of 2026-05-19. Will re-evaluate at next vendor review.
n8n self-hosted as gap-filln8n is decommissioned (verified 2026-05-17). Bringing it back contradicts the cloud-native single-plane direction.

Re-evaluation triggers (decisions are time-bound)

This decision must be re-litigated if:

  • Composio ships native support for ≥3 toolkits Ascend currently uses via Pipedream → migrate those toolkits back to Composio.
  • Pipedream’s reliability, pricing, or coverage degrades materially relative to a competitor → ADR to swap.
  • A toolkit on Pipedream proves materially better than the same toolkit on Composio (head-to-head test) → migrate that toolkit and document.
  • Pipedream Connect spend exceeds $500/mo without proportional value → review.

Consequences

  • +$99/mo recurring (Pipedream Connect). First credit overage at ~10K credits/mo.
  • New vendor in the OAuth surface — adds to secret rotation, weekly ops review, security audit checklist.
  • One new MCP server in .mcp.json and the 4 IDE configs (Cursor, Windsurf, VS Code, Codex).
  • ADR-058 amended with Path D row.
  • docs/CURRENT-STACK.md “Composio canonical” language updated to “Composio primary; Pipedream Connect gap-fill.”
  • ADR-060 marked superseded; PR #585 closed.
  • docs/composio/missing-toolkit-runbook.md rewritten to lead with Path D.
  • Establishes the precedent that vendor sanctioning happens via ADR, not ad-hoc — keeps the OAuth vendor surface intentional.

Implementation steps (sequenced)

  1. Merge this ADR.
  2. Close PR #585; mark ADR-060 superseded.
  3. User confirms Pipedream Connect signup ($99/mo billing).
  4. Configure Google OAuth client (existing project or new — recommend new for GTM consent isolation) with the 4 sensitive scopes. Redirect URI per Pipedream BYO flow.
  5. Store Pipedream API key + project ID in Infisical (pipedream/api_key, pipedream/project_id) and as Wrangler secrets if any Worker needs server-side calls.
  6. Connect external_user_id=ascend → verify GTM accounts.list round-trip.
  7. Add pipedream to .mcp.json and 4 IDE configs.
  8. Add GTM tool capability entries to Vectorize via the standard embed script.
  9. Update docs/composio/toolkit-registry.md: googletagmanager row → status PIPEDREAM (live), link ADR-061.
  10. Update .claude/CLAUDE.md OAuth vendor policy paragraph.
  11. Update docs/CURRENT-STACK.md MCP architecture diagram.
  12. Per-tenant rollout (Kahuna, then future clients) — repeat step 6 with each external_user_id={slug}.