The Vercel plugin currently uses a single shared access token (JUNIOR_VERCEL_TOKEN) configured at deploy time. Vercel supports OAuth integrations, and Junior's credential framework already handles per-user OAuth for GitHub, Linear, etc.
Migrating would let each Slack user authorize Junior against their own Vercel account, which improves auditability and removes the need for ops to manage a shared token.
What's needed:
- Register a Vercel OAuth integration (client ID + secret)
- Add Vercel to the per-user OAuth provider flow (App Home connect/disconnect)
- Update
plugin.yaml to use the OAuth credential instead of JUNIOR_VERCEL_TOKEN
- Update docs to reflect the new auth model
Trade-offs to consider:
- Every Slack user must individually authorize before using the plugin (added friction vs. shared token)
- The plugin is currently read-only; per-user OAuth matters more if write operations are added
Refs: #806 (docs cleanup that noted this limitation)
--
View Junior Session in Sentry
The Vercel plugin currently uses a single shared access token (
JUNIOR_VERCEL_TOKEN) configured at deploy time. Vercel supports OAuth integrations, and Junior's credential framework already handles per-user OAuth for GitHub, Linear, etc.Migrating would let each Slack user authorize Junior against their own Vercel account, which improves auditability and removes the need for ops to manage a shared token.
What's needed:
plugin.yamlto use the OAuth credential instead ofJUNIOR_VERCEL_TOKENTrade-offs to consider:
Refs: #806 (docs cleanup that noted this limitation)
--
View Junior Session in Sentry