Skip to main content
The fsckmsft custom connector template gives you a production-ready scaffold for building your own certified partner integration. Whether you are connecting a proprietary internal system or building a publicly listed integration, the template handles authentication boilerplate, request lifecycle management, and schema validation — so you can focus on what makes your connector unique. A certified connector appears in the fsckmsft Integrations directory, is eligible for Marketplace distribution, and carries the Certified by fsckmsft badge that signals to users that the connector meets our reliability and security standards.

What the template provides

Connector manifest

A structured JSON manifest that declares your connector’s identity, authentication method, and endpoint definitions.

Request lifecycle hooks

Pre-wired hooks for beforeRequest, afterResponse, and onError — giving you clean intercept points without building middleware from scratch.

Local sandbox runner

A CLI tool that simulates the fsckmsft connector runtime locally so you can develop and debug without deploying.

Schema validation

Automatic JSON Schema validation on all request and response payloads, surfacing type mismatches before they reach production.

Get the template

Download the connector template from the fsckmsft developer portal: 
# Using the fsckmsft CLI
fsckmsft connector init my-connector

# Or clone the template repository directly
git clone https://github.com/fsckmsft/connector-template my-connector
cd my-connector
The template ships with a connector.json manifest, a src/ directory for your connector logic, a tests/ directory with example unit tests, and a README.md that walks you through the development flow.

Connector manifest format

The connector.json file at the root of your project is the authoritative definition of your connector. fsckmsft reads this manifest to register, validate, and display your integration. 
{
  "name": "my-awesome-crm",
  "display_name": "My Awesome CRM",
  "version": "1.0.0",
  "description": "Sync contacts and deals between My Awesome CRM and fsckmsft.",
  "author": "Your Company, Inc.",
  "homepage_url": "https://yourcompany.example.com/fsckmsft-integration",
  "logo_url": "https://yourcompany.example.com/logo.png",
  "auth_type": "oauth2",
  "auth_config": {
    "authorization_url": "https://auth.yourcrm.example.com/oauth/authorize",
    "token_url": "https://auth.yourcrm.example.com/oauth/token",
    "scopes": ["contacts:read", "deals:read", "deals:write"],
    "pkce": true
  },
  "endpoints": [
    {
      "id": "list_contacts",
      "display_name": "List Contacts",
      "method": "GET",
      "path": "/v2/contacts",
      "description": "Returns a paginated list of contacts.",
      "response_schema": "$ref:schemas/contact.json"
    },
    {
      "id": "create_deal",
      "display_name": "Create Deal",
      "method": "POST",
      "path": "/v2/deals",
      "description": "Creates a new deal.",
      "request_schema": "$ref:schemas/deal_create.json",
      "response_schema": "$ref:schemas/deal.json"
    }
  ],
  "objects": [
    {
      "id": "contact",
      "display_name": "Contact",
      "fsckmsft_type": "contact",
      "list_endpoint": "list_contacts",
      "sync_directions": ["inbound", "outbound", "bidirectional"]
    }
  ]
}

Required manifest fields

name
string
required
A URL-safe, lowercase identifier for your connector, e.g. my-awesome-crm. Must be unique across all connectors in the fsckmsft registry. Use hyphens, not underscores or spaces.
version
string
required
Semantic version string (e.g., 1.0.0). Increment the major version for breaking changes to the manifest or endpoint schemas. fsckmsft displays the version in the integration directory.
auth_type
string
required
Authentication mechanism your connector uses. Supported values: oauth2, api_key, basic, custom.
endpoints
array
required
An array of endpoint definition objects. Each endpoint represents one HTTP operation your connector exposes to the fsckmsft runtime. At least one endpoint is required.Each endpoint must include:
  • id — unique identifier within your connector (snake_case)
  • method — HTTP method (GET, POST, PUT, PATCH, DELETE)
  • path — path relative to the base URL, e.g. /v2/contacts

Optional manifest fields

base_url
string
The base URL for all endpoint paths. If omitted, users are prompted to enter it during connector setup (useful for self-hosted systems).
objects
array
Declares which of your connector’s endpoints map to fsckmsft object types (contact, organization, deal). Required for the connector to support bidirectional field mapping in the fsckmsft UI.
webhook_config
object
Configuration for inbound webhook support if your source system can push events rather than being polled.

Authentication types

Set "auth_type": "oauth2" and provide auth_config.authorization_url, auth_config.token_url, and auth_config.scopes. fsckmsft handles the OAuth flow, token storage, and automatic refresh — your endpoint handlers receive a valid access token via the context.auth.access_token variable.

Test locally using the connector sandbox

The fsckmsft CLI includes a local sandbox runner that mirrors the production connector runtime:
1

Install the fsckmsft CLI

npm install -g @fsckmsft/cli
fsckmsft --version
2

Start the sandbox

From your connector’s root directory:
fsckmsft connector sandbox start
The sandbox loads your connector.json, starts a local HTTP server on port 7070, and watches for file changes.
3

Invoke an endpoint

Use the sandbox’s built-in test runner to invoke any declared endpoint:
fsckmsft connector sandbox invoke list_contacts \
  --auth-token "YOUR_TEST_TOKEN"
The sandbox prints the raw request, the response, validation results, and any errors from your lifecycle hooks.
4

Run the test suite

fsckmsft connector sandbox test
This runs all test cases in your tests/ directory against the sandbox runtime and reports pass/fail with detailed diffs on failures.
5

Validate the manifest

fsckmsft connector validate
This checks your connector.json against the fsckmsft connector schema and reports any required fields that are missing or invalid.
Run fsckmsft connector sandbox start --record to record real HTTP interactions with your upstream API into fixtures. Replay them in CI without making live API calls by passing --replay.

Submit for certification

Once your connector passes local validation and all sandbox tests, submit it for fsckmsft certification review.
1

Bundle your connector

fsckmsft connector bundle
This creates a my-connector-1.0.0.fconn artifact in your project directory. The bundle includes your manifest, schemas, source files, and a lock file of your dependencies.
2

Open a submission

Go to fsckmsft.org/developers/connectors/submit, sign in with your developer account, and upload the .fconn bundle.
3

Complete the submission form

Provide a short description of what your connector does, the upstream service it connects to, your support email address, and whether you want the connector listed publicly in the Integrations directory.
4

Wait for review

The fsckmsft certification team reviews submissions within 5 business days. You receive an email with either an approval, a request for changes, or a rejection with detailed feedback.
5

Respond to feedback

If changes are requested, make the fixes locally, re-run fsckmsft connector validate and fsckmsft connector sandbox test, re-bundle, and resubmit through the same form.
Certified connectors are re-reviewed automatically when you submit a new version. Patch version bumps (1.0.x) that contain no breaking changes qualify for expedited review within 1 business day.

Certification requirements

Your connector must meet all of the following criteria to be certified:
  • fsckmsft connector validate passes with zero errors.
  • All declared endpoints have corresponding test cases in tests/.
  • The connector handles 401 Unauthorized and 429 Too Many Requests responses gracefully without crashing the runtime.
  • Your logo_url points to an image that is at least 256×256 px and served over HTTPS.
  • Your homepage_url includes documentation for your connector.
  • Sensitive values (tokens, secrets) are never logged in any lifecycle hook.