> ## Documentation Index
> Fetch the complete documentation index at: https://docs.serval.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Egnyte

> Connect Egnyte, the cloud content collaboration and file sharing platform, so Serval workflows can manage files and folders, search content, and look up users and groups in your Egnyte domain.

## About Egnyte

Egnyte is a cloud content collaboration and file sharing platform. The Serval Egnyte integration is a bring-your-own-app (BYO) OAuth integration: your team registers its own application in the Egnyte Developer Portal and connects it to Serval with your Egnyte domain, Client ID (API Key), and Client Secret. Once connected, workflows can manage files and folders, search content, and look up users and groups, acting with the permissions of the Egnyte user who approved the connection. This integration is currently in Beta.

**Authentication:** Bring-your-own Egnyte OAuth app (authorization code grant) - you supply your Egnyte domain, Client ID (API Key), and Client Secret, then an Egnyte user approves access.

**Data sync:** On-demand only. Connecting Egnyte does not install any background sync workflows; Serval calls Egnyte only when a workflow runs an Egnyte action, plus a periodic connection health check.

## What the Egnyte integration enables

| Capability         | Description                                                                                                                            |
| ------------------ | -------------------------------------------------------------------------------------------------------------------------------------- |
| Egnyte API request | A general-purpose workflow action that calls a curated set of Egnyte Public API operations through your connection.                    |
| User info          | Look up the Egnyte user the connection acts as (username, name, email, role, and user type). Also used as the connection health probe. |
| Files and folders  | List folder contents, read file and folder details, create folders, move or copy items, and delete files or folders.                   |
| Search             | Search across files and folders, with folder scoping, a file-or-folder type filter, and pagination.                                    |
| Users (read)       | List Egnyte users with filtering, or look up a single user.                                                                            |
| Groups (read)      | List Egnyte groups, or look up a single group and its members.                                                                         |

These capabilities are a curated subset of the [Egnyte Public API](https://developers.egnyte.com/docs) rather than the full API surface. The set is expected to grow over time.

## Get your credentials

Serval does not ship with a built-in Egnyte app, so you first create an OAuth application on your own Egnyte domain. Egnyte's official references are the [Public API Authentication guide](https://developers.egnyte.com/docs/read/Public_API_Authentication) and the [Developers Portal step-by-step guide](https://helpdesk.egnyte.com/hc/en-us/articles/39833196166797-Apigee-based-Developers-Portal-Step-by-Step-Guide).

<Steps>
  <Step title="Sign in to the Egnyte Developer Portal">
    Register or sign in at the [Egnyte Developer Portal](https://developers.egnyte.com/member/register).
  </Step>

  <Step title="Create a new application">
    Click your username in the top-right, select **Apps**, then **New App**. Provide the app name, description, and your Egnyte domain.
  </Step>

  <Step title="Set the grant type">
    Choose **Authorization Code** as the grant type. Other grant types will not work with Serval.
  </Step>

  <Step title="Register Serval's Redirect URI">
    In the app's **Registered OAuth Redirect URI** field, paste the exact Redirect URI shown in Serval's Connect Egnyte modal. Use the Copy button in the modal - the value is environment-specific, so do not type it by hand.
  </Step>

  <Step title="Enable the required scopes">
    Make sure all five scopes Serval requests are available to the app: Egnyte.filesystem, Egnyte.user, Egnyte.group, Egnyte.permission, and Egnyte.link.
  </Step>

  <Step title="Wait for API key approval if required">
    Egnyte's portal documentation notes that a newly requested API key can remain inactive for up to 24 hours until approved. Wait until the key shows as Active.
  </Step>

  <Step title="Copy your credentials">
    From the app page, copy the **Client ID (API Key)** and **Client Secret**. You will paste these into Serval next, along with your Egnyte subdomain (for example, acme if you sign in at [https://acme.egnyte.com](https://acme.egnyte.com)).
  </Step>
</Steps>

<Warning>
  Serval requests the same five scopes on every connection. If any of Egnyte.filesystem, Egnyte.user, Egnyte.group, Egnyte.permission, or Egnyte.link is missing from the app, Egnyte returns invalid\_scope during authorization and the connection fails before you ever see a consent screen.
</Warning>

<Tip>
  The connection will act as whichever Egnyte user approves it. Plan to complete the Serval connect flow signed in as an Egnyte account whose permissions cover everything your workflows need.
</Tip>

## Connect in Serval

<Steps>
  <Step title="Open the Connect Egnyte modal">
    At the top of the modal is a read-only **Redirect URI** field with a Copy button, with the instruction "Add this as a Redirect URI in your Egnyte app's settings." Confirm you registered this exact value on your Egnyte app before continuing.
  </Step>

  <Step title="Enter your Egnyte domain (required)">
    Enter just your subdomain - for example, acme if you sign in at [https://acme.egnyte.com](https://acme.egnyte.com). The field shows a fixed .egnyte.com suffix beside the input, and pasting acme.egnyte.com or the full sign-in URL also works; Serval trims it down to the bare subdomain. If the value still fails validation when you click Connect, the modal shows "Failed to initiate OAuth: subdomain must be a valid Egnyte subdomain (letters, digits, and dashes only)".
  </Step>

  <Step title="Enter your Client ID (API Key) (required)">
    Paste the API Key from your Egnyte app. Surrounding whitespace is trimmed automatically.
  </Step>

  <Step title="Enter your Client Secret (required)">
    Paste the Client Secret from the same app. The input is hidden as you type and whitespace is trimmed.
  </Step>

  <Step title="Click Connect to Egnyte and approve">
    The **Connect to Egnyte** button stays disabled until all three required fields are filled in. When you click it, Serval sends you to Egnyte's sign-in and authorization page on your own domain. Sign in and approve the request. The connection appears in Serval named after your subdomain with the approving user's Egnyte username in parentheses, for example acme (jsmith) - or just the subdomain if the user lookup fails.
  </Step>
</Steps>

<Warning>
  Complete the Egnyte approval within 10 minutes of clicking **Connect to Egnyte**. The credentials you entered are held only briefly between starting the flow and Egnyte's callback; if you linger on the consent screen past that window, the flow fails with "Invalid or expired OAuth state" or "OAuth session expired, please try again" and you must start over.
</Warning>

<Note>
  There is no separate edit form for Egnyte credentials. If you rotate the Client Secret or replace the app in the Egnyte portal, reconnect through the Connect Egnyte modal with the new values.
</Note>

## Verifying the connection

Serval periodically verifies the connection by asking Egnyte for the profile of the user who authorized it, refreshing the access token first if needed using your stored Client ID and Client Secret. If Egnyte returns the user, the connection reports healthy; if the token can no longer be refreshed (for example, after a Client Secret rotation or app deletion), the check fails. This integration has no custom success or failure messages beyond the standard connection status.

<Tip>
  A healthy connection proves Serval can authenticate as the connected user - it does not prove that user can reach a specific folder. If the connection looks fine but a workflow's file or folder action fails, check the authorizing user's permissions on that path in Egnyte.
</Tip>

## Gotchas and troubleshooting

<AccordionGroup>
  <Accordion title="The OAuth handshake fails before you reach Egnyte's consent screen">
    The most common cause is a Redirect URI mismatch. The Connect Egnyte modal shows the exact, environment-specific Redirect URI with a Copy button; that precise value must be in your Egnyte app's Registered OAuth Redirect URI field. Never hand-construct it.
  </Accordion>

  <Accordion title="Egnyte returns invalid_scope during authorization">
    Serval requests a fixed scope set on every connection: Egnyte.filesystem, Egnyte.user, Egnyte.group, Egnyte.permission, and Egnyte.link. If your app does not have all five available, Egnyte rejects the authorization. Enable the missing scopes on the app and reconnect.
  </Accordion>

  <Accordion title="The connect flow expires with an OAuth error">
    The credentials you enter are held for 10 minutes between starting the connect flow and completing Egnyte's approval. If you take longer than that on Egnyte's side, the callback fails with "Invalid or expired OAuth state" or "OAuth session expired, please try again". Restart the connect flow from the modal.
  </Accordion>

  <Accordion title="You approved in Egnyte, but the connection failed at the final step">
    If the Client ID or Client Secret you entered does not match the app you approved against, Serval cannot redeem the authorization code and the flow ends with "Failed to exchange authorization code". Double-check both values in the Egnyte Developer Portal and restart the connect flow.
  </Accordion>

  <Accordion title="A brand-new API key does not work yet">
    Per Egnyte's developer portal documentation, a newly requested API key can remain inactive for up to 24 hours until Egnyte approves it. Connecting with a not-yet-active key fails; wait until the key's status shows Active in the portal, then connect.
  </Accordion>

  <Accordion title="Rotating the Client Secret breaks the connection">
    Serval stores your Client ID and Client Secret with the connection and uses them to refresh access tokens. If the secret is rotated or the app is deleted in the Egnyte portal, refresh fails and the connection goes unhealthy. Reconnect through the Connect Egnyte modal with the new credentials - there is no separate credential-update form for Egnyte.
  </Accordion>

  <Accordion title="Workflows fail even though the connection is healthy">
    The connection acts as the Egnyte user who approved it, and every call is bounded by that user's Egnyte permissions. If a file, search, user, or group action fails, verify the authorizing account can perform the same action directly in Egnyte, or reconnect with a more privileged account.
  </Accordion>

  <Accordion title="Your subdomain is rejected">
    The domain field is forgiving - acme, acme.egnyte.com, and the full sign-in URL all normalize to the bare subdomain. After normalization, the value must contain only letters, digits, and dashes (1-63 characters, no leading or trailing dash). Anything else is rejected with "Failed to initiate OAuth: subdomain must be a valid Egnyte subdomain (letters, digits, and dashes only)".
  </Accordion>

  <Accordion title="You must bring your own Egnyte app">
    Serval does not own an Egnyte OAuth app. Every team registers its own application on its own Egnyte domain and supplies that app's Client ID (API Key) and Client Secret. Egnyte's sign-in and approval pages are also per-domain, so each connection authorizes against your own Egnyte address.
  </Accordion>

  <Accordion title="The integration is in Beta">
    Egnyte support in Serval is currently flagged Beta. The surface area is intentionally small: a hand-maintained set of Egnyte operations exposed through the Egnyte API request action, with no shipped sync workflows or helper actions yet.
  </Accordion>
</AccordionGroup>

***

Need help? Contact **[support@serval.com](mailto:support@serval.com)** for assistance with your Egnyte integration.