Nylas Glossary
This page lists some terms that you'll encounter when working with Nylas, explains what they mean.
ℹ️ Have a suggestion for the glossary?
Let us know!
Access token
A short-lived token associated with a specific grant or connected account. An application uses an access token to authenticate with the service provider and make data requests on your behalf. In OAuth 2.0 and later, access tokens expire after one hour and can be refreshed.
API key
A unique identifier that an application uses to authenticate with the Nylas API. You can find your API key in the Nylas Dashboard. API keys are used in place of client secrets in Nylas v3.
Application
Refers to one of three concepts in the Nylas docs: the "provider auth application" used to connect to your authentication provider, the Nylas application which contains connections to your project and your connectors, and sometimes "your application" which refers to your actual code project for the application you're working on. For clarity, we may call it "your project" instead.
Authentication
The process of proving who you are, and that you have the right to make decisions about an account and its data. This is different from the authorization header that you use in API requests to pass a token or other credential. The token is like a backstage pass: it authorizes you to make requests. Different types of API authorization headers are known as "authentication" types. Both of these are sometimes shortened to "auth".
Authentication token
A short-lived token that the end user receives from the authentication system (the OAuth provider or IDP) which proves that they successfully authenticated (provided account credentials and passed any confirmation steps). The application uses this to retrieve an access token. Unlike an access token, you cannot use authentication tokens to make requests on an end user's behalf, or access data.
Authorization
The process of deciding whether you have the right to do something. This is different from "authentication", which is the process of proving who you are, and that you have the right to make decisions about an account and its data. When you make API requests, you use an authorization header to to pass a token or other credential. The token is like a backstage pass: it authorizes you to make requests. Different types of API authorization headers are known as "authentication" types. Both of these are sometimes shortened to "auth".
Bounced email message
An automated notification that the email provider sends to let you know that an email message you sent wasn't delivered. An email message might not be delivered for many reasons, including an incorrect recipient email address.
CalDav
A protocol for working with calendar and schedule information on a remote server. It uses the iCalendar data format, and is used by iCloud and Google Calendar.
Callback URI
The URI that the OAuth provider sends a user back to after they authenticate using Hosted
OAuth. You must define this in your Nylas application's settings. This is similar to the Nylas
auth "redirect URI", which you specify in your provider auth app.
Client ID
A unique identifier for your Nylas application, used to identify your application when it connects to the Nylas API. You can find your client ID in the Nylas Dashboard.
Client secret
Usually, this refers to a unique secret key for your Nylas application. As of Nylas v3, however, any field labeled "client secret" takes an API key instead.
Client-side
Any code that runs in the end user's browser or device, as opposed to server-side code which runs on a server. Client-side code is often written in JavaScript, and is used to create interactive web pages. Client-side applications require special security considerations for secrets management, such as PKCE verification.
Connector
A data structure that stores information about how your Nylas application connects to a third-party service provider, such as an email provider, calendar provider, or other data source. Connectors are sometimes called "integrations" or "channels", and might include another term that describes what the connector does (for example, an "auth connector" or a "notification connector").
CRUD
An acronym for "Create, Read, Update, Delete". These are the four basic operations that you can perform on data.
Custom authentication
An authentication flow that is sometimes called "bring your own token". You provide the OAuth refresh token for the end user, and Nylas uses it to create a grant and request access tokens as needed to access the end user's data.
Data center
Nylas offers two data center options — U.S. and E.U. — to accommodate customers around the world. See the Data residency documentation for more details.
ESP
An acronym for "Email Service Provider". See service provider.
GCP
An acronym for "Google Cloud Platform". This is the portal where you create a provider auth app to allow your project to connect to Google resources.
GDPR
"General Data Protection Regulation". Regulation set by the European Union, designed to harmonize data privacy laws across Europe. See What is the GDPR?.
Grant
A record of permissions ("scopes") that an end user "granted" to your application to access their data. Nylas creates a grant when an end user successfully authenticates, and generates an access token.
ICS
"Internet Calendar Scheduling". This is the file format behind iCalendar and CalDav, used by Apple and Google. Each ICS file represents an individual event on a calendar.
IMAP
"Internet Message Access Protocol". This is a protocol for receiving email that allows end users to access their email messages from different devices.
Integration
An external service connected to your Nylas application. This could be an authentication provider, data source, or another tool like Zoom Meetings. In most cases, these are now called "connectors".
LLM
"Large Language Model". A model of artificial intelligence that can complete natural language processing tasks. Nylas uses LLMs to power various features, including the Clean Conversation endpoint.
Migrate
The process of transitioning end users and data from an older Nylas implementation to a newer one. This is the last part of the upgrade process.
MIME
"Multipurpose Internet Mail Extensions". An internet standard that allows email messages to support attachments and non-ASCII text.
Native authentication
OAuth
An authentication protocol that allows you to approve one application interacting with another on your behalf, without providing your password. See the OAuth specification website for more information.
Owner
The person who creates and schedules a specific calendar event.
Participant
A person who is invited to a calendar event. Each event might have more than one participant.
PII
"Personally identifiable information". Any data that can be used to identify you (for example, a Social Security Number or credit card information).
PKCE
"Proof Key for Code Exchange". A shared secret used in OAuth 2.0 as an additional layer of validation to ensure that the authorization code exchange is secure. This is especially important for client-side applications.
Provider
See service provider.
Provider application
See provider auth application.
Provider auth application
Sometimes called a "provider integration application" or "provider application". An application that connects the service provider's infrastructure and your Nylas application.
Provider integration application
See provider auth application.
Redirect URI
The URL that the OAuth provider directs a user to after they authenticate. This URI needs to be
registered with the OAuth provider through your provider auth app, and must match the URI that
the user is directed to after they authenticate. These are similar to the
"callback URI" that you specify in your Nylas application.
Refresh token
A long-lived token that you can use to request new access tokens when they expire. Used to keep end users authenticated without requiring them to log in again.
Scopes
Permissions which determine what data your application can access on a specific procider. Your end users approve your requested scopes when they authenticate with your application. Scopes must be included in either the connector for the provider, or in the OAuth request.
Server-side
Any code that runs on a server, and handles requests from client-side code. Often written in languages like Python, Ruby, or Node.js.
Service provider
The company that maintains the email systems, and sometimes the calendaring and contacts tools, which you connect to using Nylas. Sometimes called an "email service provider" or "ESP", or just "provider".
SLA
"Service level agreement". An agreement between a provider and their customers, outlining the services that the provider delivers, and the responsiveness the provider adheres to (for example, promising 99% uptime).
SMTP
"Simple Mail Transfer Protocol". The underlying protocol used by IMAP providers to send email messages from email clients to servers, and back. Technically, all IMAP providers are also SMTP providers.
SSE
"Server-sent events". A push technology that allows your project to receive automatic updates from Nylas. Used in the Smart Compose endpoints to provide AI responses without requiring your application to constantly poll for new information.
Time slots
Periods of time returned by the Calendar API's Availability endpoint, when Nylas has determined that an end user is available to meet. These can include additional constraints such as buffer time, a time interval, and other options that you might have specified.
Unix epoch
The Unix epoch (also known as "epoch time") refers to the specific point in time when the Unix operating system’s timekeeping began. This point in time is 00:00:00 UTC on January 1, 1970.
Unix timestamp
The number of seconds that have elapsed since the Unix epoch. Nylas expects time values as Unix timestamps.
Upgrade
The process of transitioning an older version of Nylas to a newer version (for example, v2.x to v3.x), including updating your systems and any SDKs you use.
Useragent
A string that identifies the application (browser) that the end user is using to access the web. This can be useful along with their IP address for identifying traffic from the same person. Nylas does not maintain a list of useragents, but you can find a list of common useragents online.
Webhook challenge
When you create or activate a webhook endpoint, Nylas verifies that the endpoint is working by making a GET request to it with a challenge query parameter. Your application must return the exact value of the challenge in the response body within 10 seconds.
Webhook endpoint
The URL that Nylas sends webhook payloads to when an event occurs on the provider. Sometimes called a "webhook receiver" or "webhook URL".
Webhook payload
The data or message that Nylas sends to your webhook endpoint when an event occurs on the provider.
Webhook signature
Included in webhook payloads sent from Nylas. These allow you to verify that the webhook data really did originate from Nylas.
Whitelabeling
The process of customizing the appearance of the Nylas authentication screen and authentication domains to use your company's domain and logo or branding. Basic logo customization is available for all Nylas applications, regardless of plan tier. Additional whitelableing features are available as an add on to paid plans.