Skip to main content
Pieces are integrations in Activepieces. Platform and project administrators can control which pieces are available to users through filtering and private registries.

Overview

Activepieces provides three levels of piece filtering:

Platform Level

Global piece filtering for entire platform

Project Level

Per-project piece restrictions

Private Registry

Custom piece deployment

Platform Piece Filtering

Control which pieces are available across your platform:

Filter Behaviors

Allow Specific Pieces

Only specified pieces are available:
{
  filteredPieceBehavior: FilteredPieceBehavior.ALLOWED,
  filteredPieceNames: [
    "@activepieces/piece-slack",
    "@activepieces/piece-gmail",
    "@activepieces/piece-google-sheets",
    "@activepieces/piece-hubspot"
  ]
}
Use Cases:
  • Security compliance requirements
  • Limiting integrations to approved vendors
  • Controlling data flow to specific services
Platform filtering is deprecated in favor of project-level filtering, which provides more granular control.

Project Piece Plans

Configure piece availability per project for fine-grained control:

Creating a Project Plan

{
  projectId: "proj_abc123",
  name: "Enterprise Security Plan",
  piecesFilterType: PiecesFilterType.ALLOWED,
  pieces: [
    "@activepieces/piece-slack",
    "@activepieces/piece-microsoft-teams",
    "@activepieces/piece-salesforce"
  ],
  locked: false
}

Filter Types

No Filtering (Default)

All platform pieces are available:
{
  piecesFilterType: PiecesFilterType.NONE,
  pieces: []  // Empty array
}
Best for:
  • Development environments
  • Unrestricted projects
  • Maximum flexibility

Plan Locking

Lock plans to prevent modifications: 
{
  locked: true  // Plan cannot be changed
}
Locked plans ensure compliance policies cannot be bypassed by project administrators.

Installing Pieces

Community Pieces

Activepieces includes 200+ community pieces:
1

Browse Available Pieces

View all pieces in the piece marketplace:
GET /v1/pieces
2

Check Piece Availability

Pieces are automatically available based on filtering rules
3

Use in Flows

Add pieces to flows through the flow builder

Private Pieces

Deploy custom pieces to your platform:
1

Build Custom Piece

Create piece using the Activepieces CLI:
npx @activepieces/cli create-piece my-custom-piece
2

Publish to Registry

npx @activepieces/cli publish-piece \
  --path ./my-custom-piece \
  --registry https://your-registry.com
3

Configure Platform

Point platform to your private registry:
AP_PIECES_SOURCE=PRIVATE
AP_PRIVATE_PIECES_REGISTRY=https://your-registry.com

Piece Filtering Logic

The system applies filters in this order:

Filtering Rules

1

Platform Filter

If platform has ALLOWED behavior:
  • Only pieces in filteredPieceNames are included
If platform has BLOCKED behavior:
  • All pieces except those in filteredPieceNames
2

Project Filter

If project has ALLOWED filter:
  • Only pieces in project plan’s pieces array
If project has NONE filter:
  • All pieces from platform filter
3

Hidden Pieces

If includeHidden=true:
  • All filters bypassed (admin view)

Managing Piece Allowlists

Adding Pieces to Allowlist

curl -X PATCH 'https://api.activepieces.com/v1/platforms/{platformId}' \
  -H 'Authorization: Bearer {token}' \
  -H 'Content-Type: application/json' \
  -d '{
    "filteredPieceBehavior": "ALLOWED",
    "filteredPieceNames": [
      "@activepieces/piece-slack",
      "@activepieces/piece-gmail"
    ]
  }'

Common Piece Combinations

[
  "@activepieces/piece-http",
  "@activepieces/piece-data-mapper",
  "@activepieces/piece-webhook",
  "@activepieces/piece-delay",
  "@activepieces/piece-date-helper",
  "@activepieces/piece-text-helper"
]

[
  "@activepieces/piece-slack",
  "@activepieces/piece-microsoft-teams",
  "@activepieces/piece-gmail",
  "@activepieces/piece-smtp"
]

[
  "@activepieces/piece-salesforce",
  "@activepieces/piece-hubspot",
  "@activepieces/piece-pipedrive",
  "@activepieces/piece-zoho-crm"
]

[
  "@activepieces/piece-google-sheets",
  "@activepieces/piece-airtable",
  "@activepieces/piece-postgresql",
  "@activepieces/piece-mysql",
  "@activepieces/piece-mongodb"
]

Private Piece Registry

Host your own piece registry for custom integrations:

Registry Setup

1

Choose Registry Type

Options:
  • npm private registry
  • Verdaccio
  • Artifactory
  • GitHub Packages
2

Configure Environment

# Use private registry
AP_PIECES_SOURCE=PRIVATE
AP_PRIVATE_PIECES_REGISTRY=https://registry.company.com

# Authentication (if required)
NPM_TOKEN=your-token-here
3

Publish Custom Pieces

cd my-custom-piece
npm publish --registry https://registry.company.com

Registry Configuration

// .npmrc for custom registry
registry=https://registry.company.com
//registry.company.com/:_authToken=${NPM_TOKEN}

Piece Metadata

Each piece has metadata that affects filtering: 
{
  name: "@activepieces/piece-slack",
  displayName: "Slack",
  version: "0.9.0",
  minimumSupportedRelease: "0.20.0",
  maximumSupportedRelease: "999.0.0",
  auth: { type: "OAUTH2" },
  actions: [...],
  triggers: [...]
}

Hidden Pieces

Some pieces are hidden from normal users: 
const isHidden = piece.name.startsWith('@activepieces/piece-internal-')

Checking Piece Availability

Verify if a piece is available to a project: 
const isFiltered = await enterpriseFilteringUtils.isFiltered({
  piece: pieceMetadata,
  projectId: "proj_abc123",
  platformId: "platform_123"
})

if (isFiltered) {
  throw new Error('Piece not available in this project')
}

Use Cases

Scenario: Offer different piece sets per pricing tierImplementation:
  • Free tier: Core pieces only
  • Pro tier: + Business integrations
  • Enterprise: All pieces + custom pieces
const freeTierPlan = {
  piecesFilterType: PiecesFilterType.ALLOWED,
  pieces: ['@activepieces/piece-http', '@activepieces/piece-webhook']
}
Scenario: Restrict data flow to approved vendors onlyImplementation: Block all pieces, then allowlist approved ones:
{
  piecesFilterType: PiecesFilterType.ALLOWED,
  pieces: approvedVendorPieces,
  locked: true  // Prevent changes
}
Scenario: Provide internal system integrationsImplementation:
  • Deploy private pieces to custom registry
  • Make available only to specific projects
{
  pieces: [
    '@company/piece-internal-crm',
    '@company/piece-erp-system'
  ]
}
Scenario: Comply with data residency lawsImplementation: Block pieces that transfer data outside region:
{
  filteredPieceBehavior: FilteredPieceBehavior.BLOCKED,
  filteredPieceNames: nonCompliantPieces
}

API Reference

curl -X GET 'https://api.activepieces.com/v1/pieces?projectId={projectId}' \
  -H 'Authorization: Bearer {token}'

Best Practices

Start Restrictive

Begin with allowlist mode and add pieces as needed, rather than blocking later.

Lock Production

Lock project plans in production to prevent unauthorized changes.

Document Allowlists

Maintain documentation of why each piece is allowed/blocked.

Regular Reviews

Audit piece usage quarterly and update allowlists accordingly.

Troubleshooting

Check:
  1. Platform filter includes the piece
  2. Project plan allows the piece
  3. Piece name is spelled correctly
  4. User has permission to view pieces
Check:
  1. Private registry is accessible
  2. NPM_TOKEN is set correctly
  3. Piece is published to registry
  4. Piece version is compatible
Check:
  1. Project plan is configured correctly
  2. Platform filter is not too restrictive
  3. User is in the correct project
  4. Cache has been cleared

Project Management

Configure project plans

Security Practices

Security considerations

Building Pieces

Create custom pieces