Gmail Integration Demo

How this demo works:
1. Connect your Gmail account (gives TokenForm OAuth access)
2. Create a PAT (Permission Access Token) with specific constraints
3. Test actions — see what gets allowed vs blocked by TokenForm

📧 Step 1: Connect Gmail Not Connected

Connect your Gmail to grant TokenForm read and send access. Your OAuth token stays secure — agents only get a constrained PAT.

🎫 Step 2: Create Permission Token (PAT)

Define what the agent is allowed to do. These constraints are enforced by TokenForm.

Agent ID

Allowed Actions

Read Emails Summarize Inbox Send Emails

Max Emails to Read

Allowed Recipients (for send, comma-separated)

Required Subject Prefix

🔒 Data Rules (Hard Enforcement)

These rules are enforced by the proxy. The agent CANNOT bypass them.

Return Fields Only (read) — comma-separated

Exclude Fields (read) — comma-separated

Redact Patterns (regex) — comma-separated

Block Patterns in Send — comma-separated

📜 Agent Directives (Soft Enforcement)

Instructions sent to the agent. Compliance depends on agent architecture.

Purpose (why agent has access)

Allowed Behaviors — one per line

Forbidden Behaviors — one per line

Disclosure (what agent should tell user)

🧪 Step 3: Test Agent Actions

Simulate what an agent would try to do. TokenForm will allow or block based on the PAT constraints.

Read & Summarize

Send Email (Constrained)

Subject

Message

Activity Log

Waiting for actions...