
@waleedlatif1
Collaborator

Summary

  • Add checkInternalAuth to all tool API routes that were missing authentication
  • Prevents SSRF attacks through database tools (MongoDB, Neo4j, DynamoDB, RDS, etc.)
  • Prevents unauthorized access to SaaS API proxies (Jira, JSM, Confluence, Asana, etc.)
  • Add auth check to OAuth token endpoint for credentialAccountUserId path

Type of Change

  • Bug fix

Testing

Tested manually - unauthenticated requests now return 401

Checklist

  • Code follows project style guidelines
  • Self-reviewed my changes
  • Tests added/updated and passing
  • No new warnings introduced
  • I confirm that I have read and agree to the terms outlined in the Contributor License Agreement (CLA)

@vercel

vercel bot commented Jan 27, 2026

The latest updates on your projects. Learn more about Vercel for GitHub.

1 Skipped Deployment

| Project | Deployment | Review | Updated (UTC) |
| --- | --- | --- | --- |
| docs | Skipped | Skipped | Jan 27, 2026 8:29pm |


@greptile-apps
Contributor

greptile-apps bot commented Jan 27, 2026

Greptile Overview

Greptile Summary

Added checkInternalAuth to 74 tool API routes that were previously unprotected, closing critical security vulnerabilities that could allow SSRF attacks and unauthorized access to external services.

Key Changes

  • Database tools (MongoDB, Neo4j, RDS, DynamoDB): Now require internal JWT authentication, preventing SSRF attacks where malicious actors could use the server as a proxy to access internal databases
  • SaaS API proxies (Jira, JSM, Confluence, Asana, Discord, Drive, Google Sheets): Protected from unauthorized external access
  • Browser automation (Stagehand): Secured to prevent unauthorized execution of browser-based tasks
  • OAuth token endpoint: Enhanced with session-only authentication check for the credentialAccountUserId path, ensuring users can only access their own credentials

Implementation Pattern

All routes now follow a consistent authentication pattern at the start of request handlers:

```typescript
const auth = await checkInternalAuth(request)
if (!auth.success || !auth.userId) {
  return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
}
```

The checkInternalAuth function:

  • Only accepts internal JWT authentication (from workflow execution)
  • Explicitly rejects API keys and session authentication
  • Returns 401 for any unauthorized access attempts

Test Coverage

Added comprehensive test suite for OAuth token route covering:

  • Unauthenticated request rejection
  • API key authentication rejection
  • Internal JWT authentication rejection
  • Cross-user credential access prevention
  • Session-authenticated user access to own credentials

Confidence Score: 5/5

  • Safe to merge - critical security fix with consistent implementation pattern
  • Authentication is correctly implemented across all 74 files with proper error handling, comprehensive test coverage was added, and the pattern prevents multiple attack vectors (SSRF, unauthorized access)
  • No files require special attention - all changes follow the same secure pattern

Important Files Changed

| Filename | Overview |
| --- | --- |
| apps/sim/app/api/auth/oauth/token/route.ts | Added session-only auth check for credentialAccountUserId path, preventing API key/JWT access to user credentials |
| apps/sim/app/api/tools/mongodb/query/route.ts | Added checkInternalAuth to prevent SSRF attacks via MongoDB connections |
| apps/sim/app/api/tools/neo4j/query/route.ts | Added checkInternalAuth to prevent SSRF attacks via Neo4j connections |
| apps/sim/app/api/tools/rds/query/route.ts | Added checkInternalAuth to prevent SSRF attacks via RDS connections |
| apps/sim/app/api/tools/dynamodb/query/route.ts | Added checkInternalAuth to prevent SSRF attacks via DynamoDB connections |
| apps/sim/app/api/tools/jira/issue/route.ts | Added checkInternalAuth to prevent unauthorized access to Jira API proxy |
| apps/sim/app/api/tools/confluence/page/route.ts | Added checkInternalAuth to all HTTP methods (POST, PUT, DELETE) for Confluence pages |
| apps/sim/app/api/tools/stagehand/agent/route.ts | Added checkInternalAuth to prevent unauthorized browser automation execution |

Sequence Diagram

```mermaid
sequenceDiagram
    participant Client
    participant ToolAPI as Tool API Route
    participant Auth as checkInternalAuth
    participant Verifier as JWT Verifier
    participant Service as External Service

    Client->>ToolAPI: POST request
    ToolAPI->>Auth: Check authentication

    alt Missing internal JWT
        Auth-->>ToolAPI: Auth failed
        ToolAPI-->>Client: 401 Error
    end

    alt Wrong auth method used
        Auth-->>ToolAPI: Method not allowed
        ToolAPI-->>Client: 401 Error
    end

    Auth->>Verifier: Verify JWT
    Verifier-->>Auth: Valid
    Auth-->>ToolAPI: Authenticated with userId

    ToolAPI->>Service: Execute operation
    Service-->>ToolAPI: Result
    ToolAPI-->>Client: 200 Success
```
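
An added example (not part of the PR or the project's code): a CI-style audit that reports any exported route handler that lacks the guard described in the comment above, or that calls it after other awaited work. The policy "checkInternalAuth is the first awaited call", the sample route sources and the helper names inside them (`deletePage`, `forward`) are assumptions constructed for illustration.

```typescript
// Added example, not project code. Assumed policy: in every exported HTTP
// handler, the first awaited call is checkInternalAuth(...).
type Finding = { file: string; method: string; reason: 'missing' | 'not-first' };
// Index just past the bracket closing the one at `open` (plain counting;
// brackets inside string literals or comments are not handled).
function skipBalanced(src: string, open: number, l: string, r: string): number {
  let depth = 0;
  for (let i = open; i < src.length; i++) {
    const ch = src.charAt(i);
    if (ch === l) depth++;
    else if (ch === r && --depth === 0) return i + 1;
  }
  return src.length;
}

function auditRoute(file: string, src: string): Finding[] {
  const findings: Finding[] = [];
  const handler = /export\s+(?:async\s+)?function\s+(GET|POST|PUT|PATCH|DELETE)\s*\(/g;
  let m: RegExpExecArray | null;
  while ((m = handler.exec(src)) !== null) {
    const afterParams = skipBalanced(src, handler.lastIndex - 1, '(', ')');
    const bodyStart = src.indexOf('{', afterParams);
    if (bodyStart < 0) continue;
    const body = src.slice(bodyStart, skipBalanced(src, bodyStart, '{', '}'));
    const guard = body.indexOf('checkInternalAuth(');
    const firstAwait = body.indexOf('await ');
    if (guard < 0) findings.push({ file, method: m[1], reason: 'missing' });
    else if (firstAwait + 'await '.length !== guard) findings.push({ file, method: m[1], reason: 'not-first' });
  }
  return findings;
}

// Constructed sample sources; deletePage and forward are hypothetical helpers.
const GUARD = `const auth = await checkInternalAuth(request)
  if (!auth.success || !auth.userId) {
    return NextResponse.json({ error: auth.error || 'Unauthorized' }, { status: 401 })
  }`;
const WIKI_ROUTE = `export async function POST(request: NextRequest) {
  ${GUARD}
  return NextResponse.json({ ok: true })
}
export async function DELETE(request: NextRequest, { params }: { params: { id: string } }) {
  return NextResponse.json(await deletePage(params.id))
}`;
const PROXY_ROUTE = `export async function PUT(request: NextRequest) {
  const body = await request.json()
  ${GUARD}
  return NextResponse.json(await forward(body))
}`;
console.log(auditRoute('page/route.ts', WIKI_ROUTE), auditRoute('issue/route.ts', PROXY_ROUTE));
```

Run over every `route.ts` under the tools directory, a non-empty result can fail the build, so a newly added method on an existing route cannot ship without the guard.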

Contributor

@greptile-apps greptile-apps bot left a comment


No files reviewed, no comments


@cursor cursor bot left a comment


Cursor Bugbot has reviewed your changes and found 1 potential issue.


@waleedlatif1 waleedlatif1 merged commit 6b412c5 into staging Jan 27, 2026
12 checks passed
@waleedlatif1 waleedlatif1 deleted the fix/oauth branch January 27, 2026 20:37