added custom oauth for tiktok

Co-authored-by: Cursor <cursoragent@cursor.com>

apps/sim/app/api/auth/oauth/utils.ts

@@ -6,9 +6,11 @@ import { getSession } from '@/lib/auth'
 import { refreshOAuthToken } from '@/lib/oauth'
 import {
   getMicrosoftRefreshTokenExpiry,
+  getTikTokRefreshTokenExpiry,
   isMicrosoftProvider,
+  isTikTokProvider,
   PROACTIVE_REFRESH_THRESHOLD_DAYS,
-} from '@/lib/oauth/microsoft'
+} from '@/lib/oauth/utils'
 
 const logger = createLogger('OAuthUtilsAPI')
 
@@ -220,13 +222,13 @@ export async function refreshAccessTokenIfNeeded(
     (!credential.accessToken || (accessTokenExpiresAt && accessTokenExpiresAt <= now))
 
   // Check if we should proactively refresh to prevent refresh token expiry
-  // This applies to Microsoft providers whose refresh tokens expire after 90 days of inactivity
+  // This applies to providers with expiring refresh tokens (Microsoft: 90 days, TikTok: 365 days)
   const proactiveRefreshThreshold = new Date(
     now.getTime() + PROACTIVE_REFRESH_THRESHOLD_DAYS * 24 * 60 * 60 * 1000
   )
   const refreshTokenNeedsProactiveRefresh =
     !!credential.refreshToken &&
-    isMicrosoftProvider(credential.providerId) &&
+    (isMicrosoftProvider(credential.providerId) || isTikTokProvider(credential.providerId)) &&
     refreshTokenExpiresAt &&
     refreshTokenExpiresAt <= proactiveRefreshThreshold
 
@@ -271,6 +273,8 @@ export async function refreshAccessTokenIfNeeded(
 
       if (isMicrosoftProvider(credential.providerId)) {
         updateData.refreshTokenExpiresAt = getMicrosoftRefreshTokenExpiry()
+      } else if (isTikTokProvider(credential.providerId)) {
+        updateData.refreshTokenExpiresAt = getTikTokRefreshTokenExpiry()
       }
 
       // Update the token in the database
@@ -321,13 +325,13 @@ export async function refreshTokenIfNeeded(
     (!credential.accessToken || (accessTokenExpiresAt && accessTokenExpiresAt <= now))
 
   // Check if we should proactively refresh to prevent refresh token expiry
-  // This applies to Microsoft providers whose refresh tokens expire after 90 days of inactivity
+  // This applies to providers with expiring refresh tokens (Microsoft: 90 days, TikTok: 365 days)
   const proactiveRefreshThreshold = new Date(
     now.getTime() + PROACTIVE_REFRESH_THRESHOLD_DAYS * 24 * 60 * 60 * 1000
   )
   const refreshTokenNeedsProactiveRefresh =
     !!credential.refreshToken &&
-    isMicrosoftProvider(credential.providerId) &&
+    (isMicrosoftProvider(credential.providerId) || isTikTokProvider(credential.providerId)) &&
     refreshTokenExpiresAt &&
     refreshTokenExpiresAt <= proactiveRefreshThreshold
 
@@ -368,6 +372,8 @@ export async function refreshTokenIfNeeded(
 
     if (isMicrosoftProvider(credential.providerId)) {
       updateData.refreshTokenExpiresAt = getMicrosoftRefreshTokenExpiry()
+    } else if (isTikTokProvider(credential.providerId)) {
+      updateData.refreshTokenExpiresAt = getTikTokRefreshTokenExpiry()
     }
 
     await db.update(account).set(updateData).where(eq(account.id, credentialId))

apps/sim/app/api/auth/tiktok/authorize/route.ts

@@ -0,0 +1,70 @@
+import { createLogger } from '@sim/logger'
+import { type NextRequest, NextResponse } from 'next/server'
+import { getSession } from '@/lib/auth'
+import { env } from '@/lib/core/config/env'
+import { getBaseUrl } from '@/lib/core/utils/urls'
+
+const logger = createLogger('TikTokAuthorize')
+
+export const dynamic = 'force-dynamic'
+
+export async function GET(request: NextRequest) {
+  try {
+    const session = await getSession()
+    if (!session?.user?.id) {
+      return NextResponse.json({ error: 'Unauthorized' }, { status: 401 })
+    }
+
+    const clientKey = env.TIKTOK_CLIENT_ID
+
+    if (!clientKey) {
+      logger.error('TIKTOK_CLIENT_ID not configured')
+      return NextResponse.json({ error: 'TikTok client key not configured' }, { status: 500 })
+    }
+
+    // Get the return URL from query params or use default
+    const searchParams = request.nextUrl.searchParams
+    const returnUrl = searchParams.get('returnUrl') || `${getBaseUrl()}/workspace`
+
+    const baseUrl = getBaseUrl()
+    const redirectUri = `${baseUrl}/api/auth/tiktok/callback`
+
+    // Generate a random state for CSRF protection
+    const state = Buffer.from(
+      JSON.stringify({
+        returnUrl,
+        timestamp: Date.now(),
+      })
+    ).toString('base64url')
+
+    // TikTok scopes
+    const scopes = [
+      'user.info.basic',
+      'user.info.profile',
+      'user.info.stats',
+      'video.list',
+      'video.publish',
+    ]
+
+    // Build TikTok authorization URL with client_key (not client_id)
+    // Note: TikTok expects raw commas in scope parameter, not URL-encoded %2C
+    // So we manually construct the URL to avoid automatic encoding
+    const scopeString = scopes.join(',')
+    const encodedRedirectUri = encodeURIComponent(redirectUri)
+    const encodedState = encodeURIComponent(state)
+
+    const authUrl = `https://www.tiktok.com/v2/auth/authorize/?client_key=${clientKey}&response_type=code&scope=${scopeString}&redirect_uri=${encodedRedirectUri}&state=${encodedState}`
+
+    logger.info('Redirecting to TikTok authorization', {
+      clientKey: clientKey ? `${clientKey.substring(0, 8)}...` : 'NOT SET',
+      redirectUri,
+      scopes: scopeString,
+      fullUrl: authUrl,
+    })
+
+    return NextResponse.redirect(authUrl)
+  } catch (error) {
+    logger.error('Error initiating TikTok authorization:', error)
+    return NextResponse.json({ error: 'Internal server error' }, { status: 500 })
+  }
+}

apps/sim/app/api/auth/tiktok/callback/route.ts

@@ -0,0 +1,130 @@
+import { createLogger } from '@sim/logger'
+import { type NextRequest, NextResponse } from 'next/server'
+import { getSession } from '@/lib/auth'
+import { env } from '@/lib/core/config/env'
+import { getBaseUrl } from '@/lib/core/utils/urls'
+
+const logger = createLogger('TikTokCallback')
+
+export const dynamic = 'force-dynamic'
+
+export async function GET(request: NextRequest) {
+  const baseUrl = getBaseUrl()
+
+  try {
+    const session = await getSession()
+    if (!session?.user?.id) {
+      logger.error('No session found during TikTok callback')
+      return NextResponse.redirect(`${baseUrl}/workspace?error=unauthorized`)
+    }
+
+    const searchParams = request.nextUrl.searchParams
+    const code = searchParams.get('code')
+    const state = searchParams.get('state')
+    const error = searchParams.get('error')
+    const errorDescription = searchParams.get('error_description')
+
+    // Handle errors from TikTok
+    if (error) {
+      logger.error('TikTok authorization error:', { error, errorDescription })
+      return NextResponse.redirect(
+        `${baseUrl}/workspace?error=tiktok_auth_failed&message=${encodeURIComponent(errorDescription || error)}`
+      )
+    }
+
+    if (!code) {
+      logger.error('No authorization code received from TikTok')
+      return NextResponse.redirect(`${baseUrl}/workspace?error=no_code`)
+    }
+
+    // Parse state to get return URL
+    let returnUrl = `${baseUrl}/workspace`
+    if (state) {
+      try {
+        const stateData = JSON.parse(Buffer.from(state, 'base64url').toString())
+        returnUrl = stateData.returnUrl || returnUrl
+      } catch {
+        logger.warn('Failed to parse state parameter')
+      }
+    }
+
+    const clientKey = env.TIKTOK_CLIENT_ID
+    const clientSecret = env.TIKTOK_CLIENT_SECRET
+
+    if (!clientKey || !clientSecret) {
+      logger.error('TikTok credentials not configured')
+      return NextResponse.redirect(`${baseUrl}/workspace?error=config_error`)
+    }
+
+    const redirectUri = `${baseUrl}/api/auth/tiktok/callback`
+
+    // Exchange authorization code for access token
+    // TikTok uses client_key instead of client_id
+    const tokenResponse = await fetch('https://open.tiktokapis.com/v2/oauth/token/', {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/x-www-form-urlencoded',
+      },
+      body: new URLSearchParams({
+        client_key: clientKey,
+        client_secret: clientSecret,
+        code,
+        grant_type: 'authorization_code',
+        redirect_uri: redirectUri,
+      }).toString(),
+    })
+
+    if (!tokenResponse.ok) {
+      const errorText = await tokenResponse.text()
+      logger.error('Failed to exchange code for token:', {
+        status: tokenResponse.status,
+        error: errorText,
+      })
+      return NextResponse.redirect(`${baseUrl}/workspace?error=token_exchange_failed`)
+    }
+
+    const tokenData = await tokenResponse.json()
+
+    if (tokenData.error) {
+      logger.error('TikTok token error:', tokenData)
+      return NextResponse.redirect(
+        `${baseUrl}/workspace?error=tiktok_token_error&message=${encodeURIComponent(tokenData.error_description || tokenData.error)}`
+      )
+    }
+
+    const { access_token, refresh_token, expires_in, open_id, scope } = tokenData
+
+    if (!access_token) {
+      logger.error('No access token in TikTok response:', tokenData)
+      return NextResponse.redirect(`${baseUrl}/workspace?error=no_access_token`)
+    }
+
+    // Store the tokens by calling the store endpoint
+    const storeResponse = await fetch(`${baseUrl}/api/auth/tiktok/store`, {
+      method: 'POST',
+      headers: {
+        'Content-Type': 'application/json',
+        Cookie: request.headers.get('cookie') || '',
+      },
+      body: JSON.stringify({
+        accessToken: access_token,
+        refreshToken: refresh_token,
+        expiresIn: expires_in,
+        openId: open_id,
+        scope,
+      }),
+    })
+
+    if (!storeResponse.ok) {
+      const storeError = await storeResponse.text()
+      logger.error('Failed to store TikTok tokens:', storeError)
+      return NextResponse.redirect(`${baseUrl}/workspace?error=store_failed`)
+    }
+
+    logger.info('TikTok authorization successful')
+    return NextResponse.redirect(`${returnUrl}?tiktok_connected=true`)
+  } catch (error) {
+    logger.error('Error in TikTok callback:', error)
+    return NextResponse.redirect(`${baseUrl}/workspace?error=callback_error`)
+  }
+}

apps/sim/app/api/auth/tiktok/store/route.ts

@@ -0,0 +1,108 @@
+import { createLogger } from '@sim/logger'
+import { and, eq } from 'drizzle-orm'
+import { type NextRequest, NextResponse } from 'next/server'
+import { getSession } from '@/lib/auth'
+import { getTikTokRefreshTokenExpiry } from '@/lib/oauth/utils'
+import { safeAccountInsert } from '@/app/api/auth/oauth/utils'
+import { db } from '@/../../packages/db'
+import { account } from '@/../../packages/db/schema'
+
+const logger = createLogger('TikTokStore')
+
+export const dynamic = 'force-dynamic'
+
+export async function POST(request: NextRequest) {
+  try {
+    const session = await getSession()
+    if (!session?.user?.id) {
+      logger.warn('Unauthorized attempt to store TikTok token')
+      return NextResponse.json({ success: false, error: 'Unauthorized' }, { status: 401 })
+    }
+
+    const body = await request.json()
+    const { accessToken, refreshToken, expiresIn, openId, scope } = body
+
+    if (!accessToken || !openId) {
+      return NextResponse.json(
+        { success: false, error: 'Access token and open_id required' },
+        { status: 400 }
+      )
+    }
+
+    // Fetch user info from TikTok to get display name
+    let displayName = 'TikTok User'
+    let avatarUrl: string | undefined
+
+    try {
+      const userResponse = await fetch(
+        'https://open.tiktokapis.com/v2/user/info/?fields=open_id,union_id,avatar_url,display_name',
+        {
+          headers: {
+            Authorization: `Bearer ${accessToken}`,
+          },
+        }
+      )
+
+      if (userResponse.ok) {
+        const userData = await userResponse.json()
+        if (userData.data?.user) {
+          displayName = userData.data.user.display_name || displayName
+          avatarUrl = userData.data.user.avatar_url
+        }
+      }
+    } catch (error) {
+      logger.warn('Failed to fetch TikTok user info:', error)
+    }
+
+    const existing = await db.query.account.findFirst({
+      where: and(eq(account.userId, session.user.id), eq(account.providerId, 'tiktok')),
+    })
+
+    const now = new Date()
+    const accessTokenExpiresAt = expiresIn ? new Date(Date.now() + expiresIn * 1000) : undefined
+    const refreshTokenExpiresAt = getTikTokRefreshTokenExpiry()
+
+    if (existing) {
+      await db
+        .update(account)
+        .set({
+          accessToken,
+          refreshToken,
+          accountId: openId,
+          scope:
+            scope || 'user.info.basic,user.info.profile,user.info.stats,video.list,video.publish',
+          accessTokenExpiresAt,
+          refreshTokenExpiresAt,
+          updatedAt: now,
+        })
+        .where(eq(account.id, existing.id))
+
+      logger.info('Updated existing TikTok account', { accountId: openId })
+    } else {
+      await safeAccountInsert(
+        {
+          id: `tiktok_${session.user.id}_${Date.now()}`,
+          userId: session.user.id,
+          providerId: 'tiktok',
+          accountId: openId,
+          accessToken,
+          refreshToken,
+          scope:
+            scope || 'user.info.basic,user.info.profile,user.info.stats,video.list,video.publish',
+          accessTokenExpiresAt,
+          refreshTokenExpiresAt,
+          createdAt: now,
+          updatedAt: now,
+        },
+        { provider: 'TikTok', identifier: openId }
+      )
+
+      logger.info('Created new TikTok account', { accountId: openId })
+    }
+
+    return NextResponse.json({ success: true })
+  } catch (error) {
+    logger.error('Error storing TikTok token:', error)
+    return NextResponse.json({ success: false, error: 'Internal server error' }, { status: 500 })
+  }
+}

apps/sim/app/workspace/[workspaceId]/w/[workflowId]/components/panel/components/editor/components/sub-block/components/credential-selector/components/oauth-required-modal.tsx

@@ -294,6 +294,13 @@ const SCOPE_DESCRIPTIONS: Record<string, string> = {
   'user-follow-modify': 'Follow and unfollow artists and users',
   'user-read-playback-position': 'View playback position in podcasts',
   'ugc-image-upload': 'Upload images to Spotify playlists',
+  // TikTok scopes
+  'user.info.basic': 'View basic profile info (avatar, display name)',
+  'user.info.profile': 'View profile details (bio, verified status)',
+  'user.info.stats': 'View account statistics (likes, followers, video count)',
+  'video.list': 'View public videos',
+  'video.publish': 'Post content to profile',
+  'video.upload': 'Upload content as draft',
 }
 
 function getScopeDescription(scope: string): string {
@@ -373,6 +380,13 @@ export function OAuthRequiredModal({
         return
       }
 
+      if (providerId === 'tiktok') {
+        onClose()
+        const returnUrl = encodeURIComponent(window.location.href)
+        window.location.href = `/api/auth/tiktok/authorize?returnUrl=${returnUrl}`
+        return
+      }
+
       await client.oauth2.link({
         providerId,
         callbackURL: window.location.href,

apps/sim/blocks/blocks/tiktok.ts

@@ -0,0 +1,291 @@
+import { TikTokIcon } from '@/components/icons'
+import type { BlockConfig } from '@/blocks/types'
+import { AuthMode } from '@/blocks/types'
+import type { TikTokResponse } from '@/tools/tiktok/types'
+
+export const TikTokBlock: BlockConfig<TikTokResponse> = {
+  type: 'tiktok',
+  name: 'TikTok',
+  description: 'Access TikTok user profiles, videos, and publish content',
+  authMode: AuthMode.OAuth,
+  longDescription:
+    'Integrate TikTok into your workflow. Get user profile information including follower counts and video statistics. List and query videos with cover images, embed links, and metadata. Publish videos directly to TikTok from public URLs.',
+  docsLink: 'https://docs.sim.ai/tools/tiktok',
+  category: 'tools',
+  bgColor: '#000000',
+  icon: TikTokIcon,
+  subBlocks: [
+    // Operation selection
+    {
+      id: 'operation',
+      title: 'Operation',
+      type: 'dropdown',
+      options: [
+        { label: 'Get User Info', id: 'get_user' },
+        { label: 'List Videos', id: 'list_videos' },
+        { label: 'Query Videos', id: 'query_videos' },
+        { label: 'Query Creator Info', id: 'query_creator_info' },
+        { label: 'Direct Post Video', id: 'direct_post_video' },
+        { label: 'Get Post Status', id: 'get_post_status' },
+      ],
+      value: () => 'get_user',
+    },
+
+    // TikTok OAuth Authentication
+    {
+      id: 'credential',
+      title: 'TikTok Account',
+      type: 'oauth-input',
+      serviceId: 'tiktok',
+      placeholder: 'Select TikTok account',
+      required: true,
+    },
+
+    // Get User Info specific fields
+    {
+      id: 'fields',
+      title: 'Fields',
+      type: 'short-input',
+      placeholder: 'open_id,display_name,avatar_url,follower_count,video_count',
+      condition: {
+        field: 'operation',
+        value: 'get_user',
+      },
+    },
+
+    // List Videos specific fields
+    {
+      id: 'maxCount',
+      title: 'Max Count',
+      type: 'short-input',
+      placeholder: '20',
+      condition: {
+        field: 'operation',
+        value: 'list_videos',
+      },
+    },
+    {
+      id: 'cursor',
+      title: 'Cursor',
+      type: 'short-input',
+      placeholder: 'Pagination cursor from previous response',
+      condition: {
+        field: 'operation',
+        value: 'list_videos',
+      },
+    },
+
+    // Query Videos specific fields
+    {
+      id: 'videoIds',
+      title: 'Video IDs',
+      type: 'long-input',
+      placeholder: 'Comma-separated video IDs (e.g., 7077642457847994444,7080217258529732386)',
+      condition: {
+        field: 'operation',
+        value: 'query_videos',
+      },
+      required: {
+        field: 'operation',
+        value: 'query_videos',
+      },
+    },
+
+    // Direct Post Video specific fields
+    {
+      id: 'videoUrl',
+      title: 'Video URL',
+      type: 'short-input',
+      placeholder: 'https://example.com/video.mp4',
+      condition: {
+        field: 'operation',
+        value: 'direct_post_video',
+      },
+      required: {
+        field: 'operation',
+        value: 'direct_post_video',
+      },
+    },
+    {
+      id: 'title',
+      title: 'Caption',
+      type: 'long-input',
+      placeholder: 'Video caption with #hashtags and @mentions',
+      condition: {
+        field: 'operation',
+        value: 'direct_post_video',
+      },
+    },
+    {
+      id: 'privacyLevel',
+      title: 'Privacy Level',
+      type: 'dropdown',
+      options: [
+        { label: 'Public', id: 'PUBLIC_TO_EVERYONE' },
+        { label: 'Friends', id: 'MUTUAL_FOLLOW_FRIENDS' },
+        { label: 'Followers', id: 'FOLLOWER_OF_CREATOR' },
+        { label: 'Only Me', id: 'SELF_ONLY' },
+      ],
+      value: () => 'PUBLIC_TO_EVERYONE',
+      condition: {
+        field: 'operation',
+        value: 'direct_post_video',
+      },
+    },
+    {
+      id: 'disableComment',
+      title: 'Disable Comments',
+      type: 'dropdown',
+      options: [
+        { label: 'No', id: 'false' },
+        { label: 'Yes', id: 'true' },
+      ],
+      value: () => 'false',
+      condition: {
+        field: 'operation',
+        value: 'direct_post_video',
+      },
+    },
+
+    // Get Post Status specific fields
+    {
+      id: 'publishId',
+      title: 'Publish ID',
+      type: 'short-input',
+      placeholder: 'v_pub_file~v2-1.123456789',
+      condition: {
+        field: 'operation',
+        value: 'get_post_status',
+      },
+      required: {
+        field: 'operation',
+        value: 'get_post_status',
+      },
+    },
+  ],
+  tools: {
+    access: [
+      'tiktok_get_user',
+      'tiktok_list_videos',
+      'tiktok_query_videos',
+      'tiktok_query_creator_info',
+      'tiktok_direct_post_video',
+      'tiktok_get_post_status',
+    ],
+    config: {
+      tool: (inputs) => {
+        const operation = inputs.operation || 'get_user'
+
+        switch (operation) {
+          case 'list_videos':
+            return 'tiktok_list_videos'
+          case 'query_videos':
+            return 'tiktok_query_videos'
+          case 'query_creator_info':
+            return 'tiktok_query_creator_info'
+          case 'direct_post_video':
+            return 'tiktok_direct_post_video'
+          case 'get_post_status':
+            return 'tiktok_get_post_status'
+          default:
+            return 'tiktok_get_user'
+        }
+      },
+      params: (inputs) => {
+        const operation = inputs.operation || 'get_user'
+        const { credential } = inputs
+
+        switch (operation) {
+          case 'get_user':
+            return {
+              accessToken: credential,
+              ...(inputs.fields && { fields: inputs.fields }),
+            }
+          case 'list_videos':
+            return {
+              accessToken: credential,
+              ...(inputs.maxCount && { maxCount: Number(inputs.maxCount) }),
+              ...(inputs.cursor && { cursor: Number(inputs.cursor) }),
+            }
+          case 'query_videos':
+            return {
+              accessToken: credential,
+              videoIds: inputs.videoIds
+                ? inputs.videoIds.split(',').map((id: string) => id.trim())
+                : [],
+            }
+          case 'query_creator_info':
+            return {
+              accessToken: credential,
+            }
+          case 'direct_post_video':
+            return {
+              accessToken: credential,
+              videoUrl: inputs.videoUrl || '',
+              privacyLevel: inputs.privacyLevel || 'PUBLIC_TO_EVERYONE',
+              ...(inputs.title && { title: inputs.title }),
+              ...(inputs.disableComment === 'true' && { disableComment: true }),
+            }
+          case 'get_post_status':
+            return {
+              accessToken: credential,
+              publishId: inputs.publishId || '',
+            }
+          default:
+            return {
+              accessToken: credential,
+            }
+        }
+      },
+    },
+  },
+  inputs: {
+    operation: { type: 'string', description: 'Operation to perform' },
+    credential: { type: 'string', description: 'TikTok access token' },
+    fields: { type: 'string', description: 'Comma-separated list of user fields to return' },
+    maxCount: { type: 'number', description: 'Maximum number of videos to return (1-20)' },
+    cursor: { type: 'number', description: 'Pagination cursor from previous response' },
+    videoIds: { type: 'string', description: 'Comma-separated list of video IDs to query' },
+    videoUrl: { type: 'string', description: 'Public URL of the video to post' },
+    title: { type: 'string', description: 'Video caption/description' },
+    privacyLevel: { type: 'string', description: 'Privacy level for the video' },
+    disableComment: { type: 'string', description: 'Whether to disable comments' },
+    publishId: { type: 'string', description: 'Publish ID to check status for' },
+  },
+  outputs: {
+    // Get User outputs
+    openId: { type: 'string', description: 'TikTok user ID' },
+    displayName: { type: 'string', description: 'User display name' },
+    avatarUrl: { type: 'string', description: 'Profile image URL' },
+    bioDescription: { type: 'string', description: 'User bio' },
+    followerCount: { type: 'number', description: 'Number of followers' },
+    followingCount: { type: 'number', description: 'Number of accounts followed' },
+    likesCount: { type: 'number', description: 'Total likes received' },
+    videoCount: { type: 'number', description: 'Total public videos' },
+    isVerified: { type: 'boolean', description: 'Whether account is verified' },
+    // List/Query Videos outputs
+    videos: { type: 'json', description: 'Array of video objects' },
+    hasMore: { type: 'boolean', description: 'Whether more videos are available' },
+    // Query Creator Info outputs
+    creatorAvatarUrl: { type: 'string', description: 'Creator avatar URL' },
+    creatorUsername: { type: 'string', description: 'Creator username' },
+    creatorNickname: { type: 'string', description: 'Creator nickname' },
+    privacyLevelOptions: { type: 'json', description: 'Available privacy levels for posting' },
+    commentDisabled: { type: 'boolean', description: 'Whether comments are disabled by default' },
+    duetDisabled: { type: 'boolean', description: 'Whether duets are disabled by default' },
+    stitchDisabled: { type: 'boolean', description: 'Whether stitches are disabled by default' },
+    maxVideoPostDurationSec: { type: 'number', description: 'Max video duration in seconds' },
+    // Direct Post Video outputs
+    publishId: { type: 'string', description: 'Publish ID for tracking post status' },
+    // Get Post Status outputs
+    status: {
+      type: 'string',
+      description: 'Post status (PROCESSING_DOWNLOAD, PUBLISH_COMPLETE, FAILED)',
+    },
+    failReason: { type: 'string', description: 'Reason for failure if status is FAILED' },
+    publiclyAvailablePostId: {
+      type: 'json',
+      description: 'Array of public post IDs when published',
+    },
+  },
+}

apps/sim/blocks/registry.ts

@@ -131,6 +131,7 @@ import { TavilyBlock } from '@/blocks/blocks/tavily'
 import { TelegramBlock } from '@/blocks/blocks/telegram'
 import { TextractBlock } from '@/blocks/blocks/textract'
 import { ThinkingBlock } from '@/blocks/blocks/thinking'
+import { TikTokBlock } from '@/blocks/blocks/tiktok'
 import { TinybirdBlock } from '@/blocks/blocks/tinybird'
 import { TranslateBlock } from '@/blocks/blocks/translate'
 import { TrelloBlock } from '@/blocks/blocks/trello'
@@ -303,6 +304,7 @@ export const registry: Record<string, BlockConfig> = {
   supabase: SupabaseBlock,
   tavily: TavilyBlock,
   telegram: TelegramBlock,
+  tiktok: TikTokBlock,
   textract: TextractBlock,
   thinking: ThinkingBlock,
   tinybird: TinybirdBlock,

apps/sim/components/icons.tsx

@@ -3472,6 +3472,14 @@ export function HumanInTheLoopIcon(props: SVGProps<SVGSVGElement>) {
   )
 }
 
+export function TikTokIcon(props: SVGProps<SVGSVGElement>) {
+  return (
+    <svg {...props} xmlns='http://www.w3.org/2000/svg' viewBox='0 0 24 24' fill='currentColor'>
+      <path d='M19.59 6.69a4.83 4.83 0 0 1-3.77-4.25V2h-3.45v13.67a2.89 2.89 0 0 1-5.2 1.74 2.89 2.89 0 0 1 2.31-4.64 2.93 2.93 0 0 1 .88.13V9.4a6.84 6.84 0 0 0-1-.05A6.33 6.33 0 0 0 5 20.1a6.34 6.34 0 0 0 10.86-4.43v-7a8.16 8.16 0 0 0 4.77 1.52v-3.4a4.85 4.85 0 0 1-1-.1z' />
+    </svg>
+  )
+}
+
 export function TrelloIcon(props: SVGProps<SVGSVGElement>) {
   return (
     <svg

apps/sim/lib/auth/auth.ts

@@ -23,6 +23,8 @@ import {
   renderPasswordResetEmail,
   renderWelcomeEmail,
 } from '@/components/emails'
+import { createAnonymousSession, ensureAnonymousUserExists } from '@/lib/auth/anonymous'
+import { SSO_TRUSTED_PROVIDERS } from '@/lib/auth/sso/constants'
 import { sendPlanWelcomeEmail } from '@/lib/billing'
 import { authorizeSubscriptionReference } from '@/lib/billing/authorization'
 import { handleNewUser } from '@/lib/billing/core/usage'
@@ -59,12 +61,15 @@ import { sendEmail } from '@/lib/messaging/email/mailer'
 import { getFromEmailAddress, getPersonalEmailFrom } from '@/lib/messaging/email/utils'
 import { quickValidateEmail } from '@/lib/messaging/email/validation'
 import { syncAllWebhooksForCredentialSet } from '@/lib/webhooks/utils.server'
-import { createAnonymousSession, ensureAnonymousUserExists } from './anonymous'
-import { SSO_TRUSTED_PROVIDERS } from './sso/constants'
 
 const logger = createLogger('Auth')
 
-import { getMicrosoftRefreshTokenExpiry, isMicrosoftProvider } from '@/lib/oauth/microsoft'
+import {
+  getMicrosoftRefreshTokenExpiry,
+  getTikTokRefreshTokenExpiry,
+  isMicrosoftProvider,
+  isTikTokProvider,
+} from '@/lib/oauth/utils'
 
 const validStripeKey = env.STRIPE_SECRET_KEY
 
@@ -191,7 +196,9 @@ export const auth = betterAuth({
 
             const refreshTokenExpiresAt = isMicrosoftProvider(account.providerId)
               ? getMicrosoftRefreshTokenExpiry()
-              : account.refreshTokenExpiresAt
+              : isTikTokProvider(account.providerId)
+                ? getTikTokRefreshTokenExpiry()
+                : account.refreshTokenExpiresAt
 
             await db
               .update(schema.account)
@@ -316,6 +323,13 @@ export const auth = betterAuth({
               .where(eq(schema.account.id, account.id))
           }
 
+          if (isTikTokProvider(account.providerId)) {
+            await db
+              .update(schema.account)
+              .set({ refreshTokenExpiresAt: getTikTokRefreshTokenExpiry() })
+              .where(eq(schema.account.id, account.id))
+          }
+
           // Sync webhooks for credential sets after connecting a new credential
           const requestId = crypto.randomUUID().slice(0, 8)
           const userMemberships = await db
@@ -2495,6 +2509,11 @@ export const auth = betterAuth({
           },
         },
 
+        // TikTok provider - REMOVED from generic OAuth
+        // TikTok uses non-standard OAuth (client_key instead of client_id)
+        // and cannot work with the generic OAuth plugin.
+        // TikTok OAuth is handled via custom routes at /api/auth/tiktok/*
+
         // WordPress.com provider
         {
           providerId: 'wordpress',

apps/sim/lib/core/config/env.ts

@@ -244,6 +244,8 @@ export const env = createEnv({
     SPOTIFY_CLIENT_ID:                     z.string().optional(),                  // Spotify OAuth client ID
     SPOTIFY_CLIENT_SECRET:                 z.string().optional(),                  // Spotify OAuth client secret
     CALCOM_CLIENT_ID:                      z.string().optional(),                  // Cal.com OAuth client ID
+    TIKTOK_CLIENT_ID:                      z.string().optional(),                  // TikTok OAuth client ID
+    TIKTOK_CLIENT_SECRET:                  z.string().optional(),                  // TikTok OAuth client secret
 
     // E2B Remote Code Execution
     E2B_ENABLED:                           z.string().optional(),                  // Enable E2B remote code execution

apps/sim/lib/oauth/index.ts

@@ -1,4 +1,3 @@
-export * from './microsoft'
 export * from './oauth'
 export * from './types'
 export * from './utils'

apps/sim/lib/oauth/microsoft.ts

@@ -1,19 +0,0 @@
-export const MICROSOFT_REFRESH_TOKEN_LIFETIME_DAYS = 90
-export const PROACTIVE_REFRESH_THRESHOLD_DAYS = 7
-
-export const MICROSOFT_PROVIDERS = new Set([
-  'microsoft-excel',
-  'microsoft-planner',
-  'microsoft-teams',
-  'outlook',
-  'onedrive',
-  'sharepoint',
-])
-
-export function isMicrosoftProvider(providerId: string): boolean {
-  return MICROSOFT_PROVIDERS.has(providerId)
-}
-
-export function getMicrosoftRefreshTokenExpiry(): Date {
-  return new Date(Date.now() + MICROSOFT_REFRESH_TOKEN_LIFETIME_DAYS * 24 * 60 * 60 * 1000)
-}

apps/sim/lib/oauth/oauth.ts

@@ -32,6 +32,7 @@ import {
   ShopifyIcon,
   SlackIcon,
   SpotifyIcon,
+  TikTokIcon,
   TrelloIcon,
   VertexIcon,
   WealthboxIcon,
@@ -796,6 +797,27 @@ export const OAUTH_PROVIDERS: Record<string, OAuthProviderConfig> = {
     },
     defaultService: 'spotify',
   },
+  tiktok: {
+    name: 'TikTok',
+    icon: TikTokIcon,
+    services: {
+      tiktok: {
+        name: 'TikTok',
+        description: 'Access TikTok user profiles, videos, and publish content.',
+        providerId: 'tiktok',
+        icon: TikTokIcon,
+        baseProviderIcon: TikTokIcon,
+        scopes: [
+          'user.info.basic',
+          'user.info.profile',
+          'user.info.stats',
+          'video.list',
+          'video.publish',
+        ],
+      },
+    },
+    defaultService: 'tiktok',
+  },
 }
 
 interface ProviderAuthConfig {
@@ -810,6 +832,11 @@ interface ProviderAuthConfig {
    * instead of in the request body. Used by Cal.com.
    */
   refreshTokenInAuthHeader?: boolean
+  /**
+   * Custom parameter name for client ID in request body.
+   * Defaults to 'client_id'. TikTok uses 'client_key'.
+   */
+  clientIdParamName?: string
 }
 
 /**
@@ -1135,6 +1162,20 @@ function getProviderAuthConfig(provider: string): ProviderAuthConfig {
         supportsRefreshTokenRotation: false,
       }
     }
+    case 'tiktok': {
+      const { clientId, clientSecret } = getCredentials(
+        env.TIKTOK_CLIENT_ID,
+        env.TIKTOK_CLIENT_SECRET
+      )
+      return {
+        tokenEndpoint: 'https://open.tiktokapis.com/v2/oauth/token/',
+        clientId,
+        clientSecret,
+        useBasicAuth: false,
+        supportsRefreshTokenRotation: true,
+        clientIdParamName: 'client_key', // TikTok uses client_key instead of client_id
+      }
+    }
     default:
       throw new Error(`Unsupported provider: ${provider}`)
   }
@@ -1171,7 +1212,9 @@ function buildAuthRequest(
     headers.Authorization = `Basic ${basicAuth}`
   } else {
     // Use body credentials - include client credentials in request body
-    bodyParams.client_id = config.clientId
+    // Use custom param name if specified (e.g., TikTok uses 'client_key' instead of 'client_id')
+    const clientIdParam = config.clientIdParamName || 'client_id'
+    bodyParams[clientIdParam] = config.clientId
     if (config.clientSecret) {
       bodyParams.client_secret = config.clientSecret
     }

apps/sim/lib/oauth/types.ts

@@ -42,6 +42,7 @@ export type OAuthProvider =
   | 'wordpress'
   | 'spotify'
   | 'calcom'
+  | 'tiktok'
 
 export type OAuthService =
   | 'google'
@@ -83,6 +84,7 @@ export type OAuthService =
   | 'wordpress'
   | 'spotify'
   | 'calcom'
+  | 'tiktok'
 
 export interface OAuthProviderConfig {
   name: string

apps/sim/lib/oauth/utils.ts

@@ -7,6 +7,49 @@ import type {
   ScopeEvaluation,
 } from './types'
 
+// =============================================================================
+// Refresh Token Configuration
+// =============================================================================
+
+// Microsoft refresh token configuration (90 days)
+const MICROSOFT_REFRESH_TOKEN_LIFETIME_DAYS = 90
+export const PROACTIVE_REFRESH_THRESHOLD_DAYS = 7
+
+const MICROSOFT_PROVIDERS = new Set([
+  'microsoft-excel',
+  'microsoft-planner',
+  'microsoft-teams',
+  'outlook',
+  'onedrive',
+  'sharepoint',
+])
+
+export function isMicrosoftProvider(providerId: string): boolean {
+  return MICROSOFT_PROVIDERS.has(providerId)
+}
+
+export function getMicrosoftRefreshTokenExpiry(): Date {
+  return new Date(Date.now() + MICROSOFT_REFRESH_TOKEN_LIFETIME_DAYS * 24 * 60 * 60 * 1000)
+}
+
+// TikTok refresh token configuration (365 days)
+// TikTok access tokens expire in 24 hours, refresh tokens are valid for 365 days
+const TIKTOK_REFRESH_TOKEN_LIFETIME_DAYS = 365
+
+const TIKTOK_PROVIDERS = new Set(['tiktok'])
+
+export function isTikTokProvider(providerId: string): boolean {
+  return TIKTOK_PROVIDERS.has(providerId)
+}
+
+export function getTikTokRefreshTokenExpiry(): Date {
+  return new Date(Date.now() + TIKTOK_REFRESH_TOKEN_LIFETIME_DAYS * 24 * 60 * 60 * 1000)
+}
+
+// =============================================================================
+// OAuth Service Utilities
+// =============================================================================
+
 /**
  * Returns a flat list of all available OAuth services with metadata.
  * This is safe to use on the server as it doesn't include React components.

apps/sim/tools/registry.ts

@@ -1625,6 +1625,14 @@ import {
 } from '@/tools/telegram'
 import { textractParserTool } from '@/tools/textract'
 import { thinkingTool } from '@/tools/thinking'
+import {
+  tiktokDirectPostVideoTool,
+  tiktokGetPostStatusTool,
+  tiktokGetUserTool,
+  tiktokListVideosTool,
+  tiktokQueryCreatorInfoTool,
+  tiktokQueryVideosTool,
+} from '@/tools/tiktok'
 import { tinybirdEventsTool, tinybirdQueryTool } from '@/tools/tinybird'
 import {
   trelloAddCommentTool,
@@ -2731,6 +2739,12 @@ export const tools: Record<string, ToolConfig> = {
   telegram_send_photo: telegramSendPhotoTool,
   telegram_send_video: telegramSendVideoTool,
   telegram_send_document: telegramSendDocumentTool,
+  tiktok_get_user: tiktokGetUserTool,
+  tiktok_list_videos: tiktokListVideosTool,
+  tiktok_query_videos: tiktokQueryVideosTool,
+  tiktok_query_creator_info: tiktokQueryCreatorInfoTool,
+  tiktok_direct_post_video: tiktokDirectPostVideoTool,
+  tiktok_get_post_status: tiktokGetPostStatusTool,
   clay_populate: clayPopulateTool,
   clerk_list_users: clerkListUsersTool,
   clerk_get_user: clerkGetUserTool,

apps/sim/tools/tiktok/direct_post_video.ts

@@ -0,0 +1,156 @@
+import type {
+  TikTokDirectPostVideoParams,
+  TikTokDirectPostVideoResponse,
+} from '@/tools/tiktok/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const tiktokDirectPostVideoTool: ToolConfig<
+  TikTokDirectPostVideoParams,
+  TikTokDirectPostVideoResponse
+> = {
+  id: 'tiktok_direct_post_video',
+  name: 'TikTok Direct Post Video',
+  description:
+    'Publish a video to TikTok from a public URL. TikTok will fetch the video from the provided URL and post it to the authenticated user account. Rate limit: 6 requests per minute per user.',
+  version: '1.0.0',
+
+  oauth: {
+    required: true,
+    provider: 'tiktok',
+    requiredScopes: ['video.publish'],
+  },
+
+  params: {
+    videoUrl: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'Public URL of the video to post. Must be accessible by TikTok servers.',
+    },
+    title: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Video caption/description. Maximum 2200 characters.',
+    },
+    privacyLevel: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description:
+        'Privacy level for the video. Options: PUBLIC_TO_EVERYONE, MUTUAL_FOLLOW_FRIENDS, FOLLOWER_OF_CREATOR, SELF_ONLY. Note: Unaudited apps may be restricted to SELF_ONLY.',
+    },
+    disableDuet: {
+      type: 'boolean',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Disable duet for this video. Defaults to false.',
+    },
+    disableStitch: {
+      type: 'boolean',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Disable stitch for this video. Defaults to false.',
+    },
+    disableComment: {
+      type: 'boolean',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Disable comments for this video. Defaults to false.',
+    },
+    videoCoverTimestampMs: {
+      type: 'number',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Timestamp in milliseconds to use as the video cover image.',
+    },
+    isAigc: {
+      type: 'boolean',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Set to true if the video is AI-generated content (AIGC).',
+    },
+  },
+
+  request: {
+    url: () => 'https://open.tiktokapis.com/v2/post/publish/video/init/',
+    method: 'POST',
+    headers: (params: TikTokDirectPostVideoParams) => ({
+      Authorization: `Bearer ${params.accessToken}`,
+      'Content-Type': 'application/json; charset=UTF-8',
+    }),
+    body: (params: TikTokDirectPostVideoParams) => {
+      const postInfo: Record<string, unknown> = {
+        privacy_level: params.privacyLevel,
+      }
+
+      if (params.title) {
+        postInfo.title = params.title
+      }
+      if (params.disableDuet !== undefined) {
+        postInfo.disable_duet = params.disableDuet
+      }
+      if (params.disableStitch !== undefined) {
+        postInfo.disable_stitch = params.disableStitch
+      }
+      if (params.disableComment !== undefined) {
+        postInfo.disable_comment = params.disableComment
+      }
+      if (params.videoCoverTimestampMs !== undefined) {
+        postInfo.video_cover_timestamp_ms = params.videoCoverTimestampMs
+      }
+      if (params.isAigc !== undefined) {
+        postInfo.is_aigc = params.isAigc
+      }
+
+      return {
+        post_info: postInfo,
+        source_info: {
+          source: 'PULL_FROM_URL',
+          video_url: params.videoUrl,
+        },
+      }
+    },
+  },
+
+  transformResponse: async (response: Response): Promise<TikTokDirectPostVideoResponse> => {
+    const data = await response.json()
+
+    if (data.error?.code !== 'ok' && data.error?.code) {
+      return {
+        success: false,
+        output: {
+          publishId: '',
+        },
+        error: data.error?.message || 'Failed to initiate video post',
+      }
+    }
+
+    const publishId = data.data?.publish_id
+
+    if (!publishId) {
+      return {
+        success: false,
+        output: {
+          publishId: '',
+        },
+        error: 'No publish ID returned',
+      }
+    }
+
+    return {
+      success: true,
+      output: {
+        publishId: publishId,
+      },
+    }
+  },
+
+  outputs: {
+    publishId: {
+      type: 'string',
+      description:
+        'Unique identifier for tracking the post status. Use this with the Get Post Status tool to check if the video was successfully published.',
+    },
+  },
+}

apps/sim/tools/tiktok/get_post_status.ts

@@ -0,0 +1,97 @@
+import type { TikTokGetPostStatusParams, TikTokGetPostStatusResponse } from '@/tools/tiktok/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const tiktokGetPostStatusTool: ToolConfig<
+  TikTokGetPostStatusParams,
+  TikTokGetPostStatusResponse
+> = {
+  id: 'tiktok_get_post_status',
+  name: 'TikTok Get Post Status',
+  description:
+    'Check the status of a video post initiated with Direct Post Video. Use the publishId returned from the post request to track progress.',
+  version: '1.0.0',
+
+  oauth: {
+    required: true,
+    provider: 'tiktok',
+    requiredScopes: ['video.publish'],
+  },
+
+  params: {
+    publishId: {
+      type: 'string',
+      required: true,
+      visibility: 'user-or-llm',
+      description: 'The publish ID returned from the Direct Post Video tool.',
+    },
+  },
+
+  request: {
+    url: () => 'https://open.tiktokapis.com/v2/post/publish/status/fetch/',
+    method: 'POST',
+    headers: (params: TikTokGetPostStatusParams) => ({
+      Authorization: `Bearer ${params.accessToken}`,
+      'Content-Type': 'application/json; charset=UTF-8',
+    }),
+    body: (params: TikTokGetPostStatusParams) => ({
+      publish_id: params.publishId,
+    }),
+  },
+
+  transformResponse: async (response: Response): Promise<TikTokGetPostStatusResponse> => {
+    const data = await response.json()
+
+    if (data.error?.code !== 'ok' && data.error?.code) {
+      return {
+        success: false,
+        output: {
+          status: '',
+          failReason: null,
+          publiclyAvailablePostId: [],
+        },
+        error: data.error?.message || 'Failed to fetch post status',
+      }
+    }
+
+    const statusData = data.data
+
+    if (!statusData) {
+      return {
+        success: false,
+        output: {
+          status: '',
+          failReason: null,
+          publiclyAvailablePostId: [],
+        },
+        error: 'No status data returned',
+      }
+    }
+
+    return {
+      success: true,
+      output: {
+        status: statusData.status ?? '',
+        failReason: statusData.fail_reason ?? null,
+        publiclyAvailablePostId: statusData.publicaly_available_post_id ?? [],
+      },
+    }
+  },
+
+  outputs: {
+    status: {
+      type: 'string',
+      description:
+        'Current status of the post. Values: PROCESSING_DOWNLOAD (TikTok is downloading the video), PUBLISH_COMPLETE (successfully posted), FAILED (check failReason).',
+    },
+    failReason: {
+      type: 'string',
+      description: 'Reason for failure if status is FAILED. Null otherwise.',
+      optional: true,
+    },
+    publiclyAvailablePostId: {
+      type: 'array',
+      description:
+        'Array of public post IDs once the video is published. Can be used to construct the TikTok video URL.',
+    },
+  },
+}

apps/sim/tools/tiktok/get_user.ts

@@ -0,0 +1,185 @@
+import type { TikTokGetUserParams, TikTokGetUserResponse } from '@/tools/tiktok/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const tiktokGetUserTool: ToolConfig<TikTokGetUserParams, TikTokGetUserResponse> = {
+  id: 'tiktok_get_user',
+  name: 'TikTok Get User',
+  description:
+    'Get the authenticated TikTok user profile information including display name, avatar, bio, follower count, and video statistics.',
+  version: '1.0.0',
+
+  oauth: {
+    required: true,
+    provider: 'tiktok',
+    requiredScopes: ['user.info.basic'],
+  },
+
+  params: {
+    fields: {
+      type: 'string',
+      required: false,
+      visibility: 'user-or-llm',
+      default:
+        'open_id,union_id,avatar_url,avatar_url_100,avatar_large_url,display_name,bio_description,profile_deep_link,is_verified,username,follower_count,following_count,likes_count,video_count',
+      description:
+        'Comma-separated list of fields to return. Available: open_id, union_id, avatar_url, avatar_url_100, avatar_large_url, display_name, bio_description, profile_deep_link, is_verified, username, follower_count, following_count, likes_count, video_count',
+    },
+  },
+
+  request: {
+    url: (params: TikTokGetUserParams) => {
+      const fields =
+        params.fields ||
+        'open_id,union_id,avatar_url,avatar_url_100,avatar_large_url,display_name,bio_description,profile_deep_link,is_verified,username,follower_count,following_count,likes_count,video_count'
+      return `https://open.tiktokapis.com/v2/user/info/?fields=${encodeURIComponent(fields)}`
+    },
+    method: 'GET',
+    headers: (params: TikTokGetUserParams) => ({
+      Authorization: `Bearer ${params.accessToken}`,
+      'Content-Type': 'application/json',
+    }),
+  },
+
+  transformResponse: async (response: Response): Promise<TikTokGetUserResponse> => {
+    const data = await response.json()
+
+    if (data.error?.code !== 'ok' && data.error?.code) {
+      return {
+        success: false,
+        output: {
+          openId: '',
+          unionId: null,
+          displayName: '',
+          avatarUrl: null,
+          avatarUrl100: null,
+          avatarLargeUrl: null,
+          bioDescription: null,
+          profileDeepLink: null,
+          isVerified: null,
+          username: null,
+          followerCount: null,
+          followingCount: null,
+          likesCount: null,
+          videoCount: null,
+        },
+        error: data.error?.message || 'Failed to fetch user info',
+      }
+    }
+
+    const user = data.data?.user
+
+    if (!user) {
+      return {
+        success: false,
+        output: {
+          openId: '',
+          unionId: null,
+          displayName: '',
+          avatarUrl: null,
+          avatarUrl100: null,
+          avatarLargeUrl: null,
+          bioDescription: null,
+          profileDeepLink: null,
+          isVerified: null,
+          username: null,
+          followerCount: null,
+          followingCount: null,
+          likesCount: null,
+          videoCount: null,
+        },
+        error: 'No user data returned',
+      }
+    }
+
+    return {
+      success: true,
+      output: {
+        openId: user.open_id ?? '',
+        unionId: user.union_id ?? null,
+        displayName: user.display_name ?? '',
+        avatarUrl: user.avatar_url ?? null,
+        avatarUrl100: user.avatar_url_100 ?? null,
+        avatarLargeUrl: user.avatar_large_url ?? null,
+        bioDescription: user.bio_description ?? null,
+        profileDeepLink: user.profile_deep_link ?? null,
+        isVerified: user.is_verified ?? null,
+        username: user.username ?? null,
+        followerCount: user.follower_count ?? null,
+        followingCount: user.following_count ?? null,
+        likesCount: user.likes_count ?? null,
+        videoCount: user.video_count ?? null,
+      },
+    }
+  },
+
+  outputs: {
+    openId: {
+      type: 'string',
+      description: 'Unique TikTok user ID for this application',
+    },
+    unionId: {
+      type: 'string',
+      description: 'Unique TikTok user ID across all apps from the same developer',
+      optional: true,
+    },
+    displayName: {
+      type: 'string',
+      description: 'User display name',
+    },
+    avatarUrl: {
+      type: 'string',
+      description: 'Profile image URL',
+      optional: true,
+    },
+    avatarUrl100: {
+      type: 'string',
+      description: 'Profile image URL (100x100)',
+      optional: true,
+    },
+    avatarLargeUrl: {
+      type: 'string',
+      description: 'Profile image URL (large)',
+      optional: true,
+    },
+    bioDescription: {
+      type: 'string',
+      description: 'User bio description',
+      optional: true,
+    },
+    profileDeepLink: {
+      type: 'string',
+      description: 'Deep link to user TikTok profile',
+      optional: true,
+    },
+    isVerified: {
+      type: 'boolean',
+      description: 'Whether the account is verified',
+      optional: true,
+    },
+    username: {
+      type: 'string',
+      description: 'TikTok username',
+      optional: true,
+    },
+    followerCount: {
+      type: 'number',
+      description: 'Number of followers',
+      optional: true,
+    },
+    followingCount: {
+      type: 'number',
+      description: 'Number of accounts the user follows',
+      optional: true,
+    },
+    likesCount: {
+      type: 'number',
+      description: 'Total likes received across all videos',
+      optional: true,
+    },
+    videoCount: {
+      type: 'number',
+      description: 'Total number of public videos',
+      optional: true,
+    },
+  },
+}

apps/sim/tools/tiktok/index.ts

@@ -0,0 +1,13 @@
+import { tiktokDirectPostVideoTool } from '@/tools/tiktok/direct_post_video'
+import { tiktokGetPostStatusTool } from '@/tools/tiktok/get_post_status'
+import { tiktokGetUserTool } from '@/tools/tiktok/get_user'
+import { tiktokListVideosTool } from '@/tools/tiktok/list_videos'
+import { tiktokQueryCreatorInfoTool } from '@/tools/tiktok/query_creator_info'
+import { tiktokQueryVideosTool } from '@/tools/tiktok/query_videos'
+
+export { tiktokGetUserTool }
+export { tiktokListVideosTool }
+export { tiktokQueryVideosTool }
+export { tiktokQueryCreatorInfoTool }
+export { tiktokDirectPostVideoTool }
+export { tiktokGetPostStatusTool }

apps/sim/tools/tiktok/list_videos.ts

@@ -0,0 +1,133 @@
+import type {
+  TikTokListVideosParams,
+  TikTokListVideosResponse,
+  TikTokVideo,
+} from '@/tools/tiktok/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const tiktokListVideosTool: ToolConfig<TikTokListVideosParams, TikTokListVideosResponse> = {
+  id: 'tiktok_list_videos',
+  name: 'TikTok List Videos',
+  description:
+    "Get a list of the authenticated user's TikTok videos with cover images, titles, and metadata. Supports pagination.",
+  version: '1.0.0',
+
+  oauth: {
+    required: true,
+    provider: 'tiktok',
+    requiredScopes: ['video.list'],
+  },
+
+  params: {
+    maxCount: {
+      type: 'number',
+      required: false,
+      visibility: 'user-or-llm',
+      default: 20,
+      description: 'Maximum number of videos to return (1-20)',
+    },
+    cursor: {
+      type: 'number',
+      required: false,
+      visibility: 'user-or-llm',
+      description: 'Cursor for pagination (from previous response)',
+    },
+  },
+
+  request: {
+    url: () =>
+      'https://open.tiktokapis.com/v2/video/list/?fields=id,title,cover_image_url,embed_link,duration,create_time,share_url,video_description,width,height',
+    method: 'POST',
+    headers: (params: TikTokListVideosParams) => ({
+      Authorization: `Bearer ${params.accessToken}`,
+      'Content-Type': 'application/json',
+    }),
+    body: (params: TikTokListVideosParams) => ({
+      max_count: params.maxCount || 20,
+      ...(params.cursor !== undefined && { cursor: params.cursor }),
+    }),
+  },
+
+  transformResponse: async (response: Response): Promise<TikTokListVideosResponse> => {
+    const data = await response.json()
+
+    if (data.error?.code !== 'ok' && data.error?.code) {
+      return {
+        success: false,
+        output: {
+          videos: [],
+          cursor: null,
+          hasMore: false,
+        },
+        error: data.error?.message || 'Failed to fetch videos',
+      }
+    }
+
+    const videos: TikTokVideo[] = (data.data?.videos ?? []).map(
+      (video: Record<string, unknown>) => ({
+        id: video.id ?? '',
+        title: video.title ?? null,
+        coverImageUrl: video.cover_image_url ?? null,
+        embedLink: video.embed_link ?? null,
+        duration: video.duration ?? null,
+        createTime: video.create_time ?? null,
+        shareUrl: video.share_url ?? null,
+        videoDescription: video.video_description ?? null,
+        width: video.width ?? null,
+        height: video.height ?? null,
+      })
+    )
+
+    return {
+      success: true,
+      output: {
+        videos,
+        cursor: data.data?.cursor ?? null,
+        hasMore: data.data?.has_more ?? false,
+      },
+    }
+  },
+
+  outputs: {
+    videos: {
+      type: 'array',
+      description: 'List of TikTok videos',
+      items: {
+        type: 'object',
+        properties: {
+          id: { type: 'string', description: 'Video ID' },
+          title: { type: 'string', description: 'Video title', optional: true },
+          coverImageUrl: {
+            type: 'string',
+            description: 'Cover image URL (may expire)',
+            optional: true,
+          },
+          embedLink: { type: 'string', description: 'Embeddable video URL', optional: true },
+          duration: { type: 'number', description: 'Video duration in seconds', optional: true },
+          createTime: {
+            type: 'number',
+            description: 'Unix timestamp when video was created',
+            optional: true,
+          },
+          shareUrl: { type: 'string', description: 'Shareable video URL', optional: true },
+          videoDescription: {
+            type: 'string',
+            description: 'Video description/caption',
+            optional: true,
+          },
+          width: { type: 'number', description: 'Video width in pixels', optional: true },
+          height: { type: 'number', description: 'Video height in pixels', optional: true },
+        },
+      },
+    },
+    cursor: {
+      type: 'number',
+      description: 'Cursor for fetching the next page of results',
+      optional: true,
+    },
+    hasMore: {
+      type: 'boolean',
+      description: 'Whether there are more videos to fetch',
+    },
+  },
+}

apps/sim/tools/tiktok/query_creator_info.ts

@@ -0,0 +1,127 @@
+import type {
+  TikTokQueryCreatorInfoParams,
+  TikTokQueryCreatorInfoResponse,
+} from '@/tools/tiktok/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const tiktokQueryCreatorInfoTool: ToolConfig<
+  TikTokQueryCreatorInfoParams,
+  TikTokQueryCreatorInfoResponse
+> = {
+  id: 'tiktok_query_creator_info',
+  name: 'TikTok Query Creator Info',
+  description:
+    'Check if the authenticated TikTok user can post content and retrieve their available privacy options, interaction settings, and maximum video duration.',
+  version: '1.0.0',
+
+  oauth: {
+    required: true,
+    provider: 'tiktok',
+    requiredScopes: ['video.publish'],
+  },
+
+  params: {},
+
+  request: {
+    url: () => 'https://open.tiktokapis.com/v2/post/publish/creator_info/query/',
+    method: 'POST',
+    headers: (params: TikTokQueryCreatorInfoParams) => ({
+      Authorization: `Bearer ${params.accessToken}`,
+      'Content-Type': 'application/json',
+    }),
+  },
+
+  transformResponse: async (response: Response): Promise<TikTokQueryCreatorInfoResponse> => {
+    const data = await response.json()
+
+    if (data.error?.code !== 'ok' && data.error?.code) {
+      return {
+        success: false,
+        output: {
+          creatorAvatarUrl: null,
+          creatorUsername: null,
+          creatorNickname: null,
+          privacyLevelOptions: [],
+          commentDisabled: false,
+          duetDisabled: false,
+          stitchDisabled: false,
+          maxVideoPostDurationSec: null,
+        },
+        error: data.error?.message || 'Failed to query creator info',
+      }
+    }
+
+    const creatorInfo = data.data
+
+    if (!creatorInfo) {
+      return {
+        success: false,
+        output: {
+          creatorAvatarUrl: null,
+          creatorUsername: null,
+          creatorNickname: null,
+          privacyLevelOptions: [],
+          commentDisabled: false,
+          duetDisabled: false,
+          stitchDisabled: false,
+          maxVideoPostDurationSec: null,
+        },
+        error: 'No creator info returned',
+      }
+    }
+
+    return {
+      success: true,
+      output: {
+        creatorAvatarUrl: creatorInfo.creator_avatar_url ?? null,
+        creatorUsername: creatorInfo.creator_username ?? null,
+        creatorNickname: creatorInfo.creator_nickname ?? null,
+        privacyLevelOptions: creatorInfo.privacy_level_options ?? [],
+        commentDisabled: creatorInfo.comment_disabled ?? false,
+        duetDisabled: creatorInfo.duet_disabled ?? false,
+        stitchDisabled: creatorInfo.stitch_disabled ?? false,
+        maxVideoPostDurationSec: creatorInfo.max_video_post_duration_sec ?? null,
+      },
+    }
+  },
+
+  outputs: {
+    creatorAvatarUrl: {
+      type: 'string',
+      description: 'URL of the creator avatar',
+      optional: true,
+    },
+    creatorUsername: {
+      type: 'string',
+      description: 'TikTok username of the creator',
+      optional: true,
+    },
+    creatorNickname: {
+      type: 'string',
+      description: 'Display name/nickname of the creator',
+      optional: true,
+    },
+    privacyLevelOptions: {
+      type: 'array',
+      description:
+        'Available privacy levels for posting (e.g., PUBLIC_TO_EVERYONE, MUTUAL_FOLLOW_FRIENDS, FOLLOWER_OF_CREATOR, SELF_ONLY)',
+    },
+    commentDisabled: {
+      type: 'boolean',
+      description: 'Whether the creator has disabled comments by default',
+    },
+    duetDisabled: {
+      type: 'boolean',
+      description: 'Whether the creator has disabled duets by default',
+    },
+    stitchDisabled: {
+      type: 'boolean',
+      description: 'Whether the creator has disabled stitches by default',
+    },
+    maxVideoPostDurationSec: {
+      type: 'number',
+      description: 'Maximum allowed video duration in seconds',
+      optional: true,
+    },
+  },
+}

apps/sim/tools/tiktok/query_videos.ts

@@ -0,0 +1,119 @@
+import type {
+  TikTokQueryVideosParams,
+  TikTokQueryVideosResponse,
+  TikTokVideo,
+} from '@/tools/tiktok/types'
+import type { ToolConfig } from '@/tools/types'
+
+export const tiktokQueryVideosTool: ToolConfig<TikTokQueryVideosParams, TikTokQueryVideosResponse> =
+  {
+    id: 'tiktok_query_videos',
+    name: 'TikTok Query Videos',
+    description:
+      'Query specific TikTok videos by their IDs to get fresh metadata including cover images, embed links, and video details.',
+    version: '1.0.0',
+
+    oauth: {
+      required: true,
+      provider: 'tiktok',
+      requiredScopes: ['video.list'],
+    },
+
+    params: {
+      videoIds: {
+        type: 'array',
+        required: true,
+        visibility: 'user-or-llm',
+        description: 'Array of video IDs to query (maximum 20)',
+        items: {
+          type: 'string',
+          description: 'TikTok video ID',
+        },
+      },
+    },
+
+    request: {
+      url: () =>
+        'https://open.tiktokapis.com/v2/video/query/?fields=id,title,cover_image_url,embed_link,duration,create_time,share_url,video_description,width,height',
+      method: 'POST',
+      headers: (params: TikTokQueryVideosParams) => ({
+        Authorization: `Bearer ${params.accessToken}`,
+        'Content-Type': 'application/json',
+      }),
+      body: (params: TikTokQueryVideosParams) => ({
+        filters: {
+          video_ids: params.videoIds,
+        },
+      }),
+    },
+
+    transformResponse: async (response: Response): Promise<TikTokQueryVideosResponse> => {
+      const data = await response.json()
+
+      if (data.error?.code !== 'ok' && data.error?.code) {
+        return {
+          success: false,
+          output: {
+            videos: [],
+          },
+          error: data.error?.message || 'Failed to query videos',
+        }
+      }
+
+      const videos: TikTokVideo[] = (data.data?.videos ?? []).map(
+        (video: Record<string, unknown>) => ({
+          id: video.id ?? '',
+          title: video.title ?? null,
+          coverImageUrl: video.cover_image_url ?? null,
+          embedLink: video.embed_link ?? null,
+          duration: video.duration ?? null,
+          createTime: video.create_time ?? null,
+          shareUrl: video.share_url ?? null,
+          videoDescription: video.video_description ?? null,
+          width: video.width ?? null,
+          height: video.height ?? null,
+        })
+      )
+
+      return {
+        success: true,
+        output: {
+          videos,
+        },
+      }
+    },
+
+    outputs: {
+      videos: {
+        type: 'array',
+        description: 'List of queried TikTok videos',
+        items: {
+          type: 'object',
+          properties: {
+            id: { type: 'string', description: 'Video ID' },
+            title: { type: 'string', description: 'Video title', optional: true },
+            coverImageUrl: {
+              type: 'string',
+              description: 'Cover image URL (fresh URL)',
+              optional: true,
+            },
+            embedLink: { type: 'string', description: 'Embeddable video URL', optional: true },
+            duration: { type: 'number', description: 'Video duration in seconds', optional: true },
+            createTime: {
+              type: 'number',
+              description: 'Unix timestamp when video was created',
+              optional: true,
+            },
+            shareUrl: { type: 'string', description: 'Shareable video URL', optional: true },
+            videoDescription: {
+              type: 'string',
+              description: 'Video description/caption',
+              optional: true,
+            },
+            width: { type: 'number', description: 'Video width in pixels', optional: true },
+            height: { type: 'number', description: 'Video height in pixels', optional: true },
+          },
+        },
+      },
+    },
+  }

apps/sim/tools/tiktok/types.ts

@@ -0,0 +1,140 @@
+import type { ToolResponse } from '@/tools/types'
+
+/**
+ * Base params that include OAuth access token
+ */
+export interface TikTokBaseParams {
+  accessToken: string
+}
+
+/**
+ * Get User Info
+ */
+export interface TikTokGetUserParams extends TikTokBaseParams {
+  fields?: string
+}
+
+export interface TikTokGetUserResponse extends ToolResponse {
+  output: {
+    openId: string
+    unionId: string | null
+    displayName: string
+    avatarUrl: string | null
+    avatarUrl100: string | null
+    avatarLargeUrl: string | null
+    bioDescription: string | null
+    profileDeepLink: string | null
+    isVerified: boolean | null
+    username: string | null
+    followerCount: number | null
+    followingCount: number | null
+    likesCount: number | null
+    videoCount: number | null
+  }
+}
+
+/**
+ * List Videos
+ */
+export interface TikTokListVideosParams extends TikTokBaseParams {
+  maxCount?: number
+  cursor?: number
+}
+
+export interface TikTokVideo {
+  id: string
+  title: string | null
+  coverImageUrl: string | null
+  embedLink: string | null
+  duration: number | null
+  createTime: number | null
+  shareUrl: string | null
+  videoDescription: string | null
+  width: number | null
+  height: number | null
+}
+
+export interface TikTokListVideosResponse extends ToolResponse {
+  output: {
+    videos: TikTokVideo[]
+    cursor: number | null
+    hasMore: boolean
+  }
+}
+
+/**
+ * Query Videos
+ */
+export interface TikTokQueryVideosParams extends TikTokBaseParams {
+  videoIds: string[]
+}
+
+export interface TikTokQueryVideosResponse extends ToolResponse {
+  output: {
+    videos: TikTokVideo[]
+  }
+}
+
+/**
+ * Query Creator Info - Check posting permissions and get privacy options
+ */
+export interface TikTokQueryCreatorInfoParams extends TikTokBaseParams {}
+
+export interface TikTokQueryCreatorInfoResponse extends ToolResponse {
+  output: {
+    creatorAvatarUrl: string | null
+    creatorUsername: string | null
+    creatorNickname: string | null
+    privacyLevelOptions: string[]
+    commentDisabled: boolean
+    duetDisabled: boolean
+    stitchDisabled: boolean
+    maxVideoPostDurationSec: number | null
+  }
+}
+
+/**
+ * Direct Post Video - Publish video from URL to TikTok
+ */
+export interface TikTokDirectPostVideoParams extends TikTokBaseParams {
+  videoUrl: string
+  title?: string
+  privacyLevel: string
+  disableDuet?: boolean
+  disableStitch?: boolean
+  disableComment?: boolean
+  videoCoverTimestampMs?: number
+  isAigc?: boolean
+}
+
+export interface TikTokDirectPostVideoResponse extends ToolResponse {
+  output: {
+    publishId: string
+  }
+}
+
+/**
+ * Get Post Status - Check status of a published post
+ */
+export interface TikTokGetPostStatusParams extends TikTokBaseParams {
+  publishId: string
+}
+
+export interface TikTokGetPostStatusResponse extends ToolResponse {
+  output: {
+    status: string
+    failReason: string | null
+    publiclyAvailablePostId: string[]
+  }
+}
+
+/**
+ * Union type of all TikTok responses
+ */
+export type TikTokResponse =
+  | TikTokGetUserResponse
+  | TikTokListVideosResponse
+  | TikTokQueryVideosResponse
+  | TikTokQueryCreatorInfoResponse
+  | TikTokDirectPostVideoResponse
+  | TikTokGetPostStatusResponse