Documentation Index
Fetch the complete documentation index at: https://cloud-docs.mentra.glass/llms.txt
Use this file to discover all available pages before exploring further.
Overview
The App model represents third-party applications (TPAs) in the MentraOS ecosystem. It stores app metadata, authentication credentials, webhook configurations, and app store status.
Location
packages/cloud/src/models/app.model.ts
Schema Structure
Core Fields
{
// Identity
packageName: string, // Unique identifier (e.g., "com.translator.app")
name: string, // Display name
description: string, // App description
version: string, // Semantic version
type: AppType, // 'AGENT' | 'UI' | 'HARDWARE'
// Authentication
hashedApiKey: string, // Hashed API key for authentication
hashedEndpointSecret?: string, // Optional webhook secret
// Store Management
appStoreStatus: AppStoreStatus, // Development/Published status
isPublic: boolean, // Publicly available flag
reviewNotes?: string, // Review process notes
reviewedBy?: string, // Reviewer identifier
reviewedAt?: Date, // Review timestamp
// Organization
organizationId?: ObjectId, // Owning organization
// Configuration
settings?: AppSetting[], // Available settings
permissions?: Permission[], // Required permissions
tools?: ToolSchema[], // AI tool definitions
webhooks?: WebhookConfig, // Webhook endpoints
hardware?: HardwareRequirement[], // Hardware requirements
// Metadata
logo?: string, // App logo URL
smallLogo?: string, // Small logo variant
bannerImage?: string, // Store banner image
screenshots?: string[], // App screenshots
demoVideoUrl?: string, // Demo video
supportUrl?: string, // Support contact
documentationUrl?: string, // Documentation link
websiteUrl?: string, // Marketing website
privacyPolicyUrl?: string, // Privacy policy
termsOfServiceUrl?: string, // Terms of service
// Analytics
installCount?: number, // Total installations
activeUsers?: number, // Active user count
rating?: number, // Average rating
featured?: boolean, // Featured app flag
// Timestamps
createdAt: Date,
updatedAt: Date
}
App Types
enum AppType {
AGENT = 'AGENT', // AI-powered apps
UI = 'UI', // Visual interface apps
HARDWARE = 'HARDWARE' // Hardware integration apps
}
App Store Status
type AppStoreStatus =
| 'DEVELOPMENT' // In development, not public
| 'SUBMITTED' // Submitted for review
| 'REJECTED' // Failed review
| 'PUBLISHED' // Available in store
Settings Configuration
Apps can define user-configurable settings:
settings: [{
key: string, // Setting identifier
type: AppSettingType, // STRING | NUMBER | BOOLEAN | SELECT
label: string, // Display label
description?: string, // Help text
defaultValue?: any, // Default value
required?: boolean, // Required flag
options?: Array<{ // For SELECT type
label: string,
value: string
}>,
min?: number, // For NUMBER type
max?: number,
step?: number
}]
Permission Declarations
Apps must declare required permissions:
permissions: [{
type: PermissionType, // Permission category
reason: string, // Why it's needed
required: boolean, // Required vs optional
settings?: any // Permission-specific config
}]
TRANSCRIPTION: Access to speech-to-textAUDIO: Access to audio streamCAMERA: Camera/photo accessLOCATION: Location dataNOTIFICATIONS: Phone notificationsDISPLAY: Screen outputSTORAGE: Persistent storage
Hardware Requirements
Apps can specify hardware needs:
hardware: [{
type: HardwareType, // DISPLAY | CAMERA | etc.
level: HardwareRequirementLevel, // REQUIRED | OPTIONAL
minVersion?: string, // Minimum version
features?: string[] // Specific features
}]
Webhook Configuration
webhooks: {
start?: {
url: string, // Webhook URL
headers?: Record<string, string>, // Custom headers
timeout?: number // Timeout in ms
},
stop?: { /* same structure */ },
toolCall?: { /* same structure */ }
}
tools: [{
name: string, // Tool identifier
description: string, // What it does
inputSchema: { // JSON Schema
type: 'object',
properties: { /* ... */ },
required: string[]
},
outputSchema?: { /* ... */ } // Expected output
}]
Indexes
- packageName: Unique index
- organizationId: For org queries
- appStoreStatus: For store filtering
- type: For category queries
- featured: For featured apps
Methods
Instance Methods
The App model primarily uses standard Mongoose methods:
// Find app
const app = await App.findOne({ packageName: 'com.translator.app' });
// Update app
app.version = '1.2.0';
await app.save();
// Soft delete
app.isPublic = false;
app.appStoreStatus = 'DEVELOPMENT';
await app.save();
Static Methods
// Find all published apps
const publishedApps = await App.find({
appStoreStatus: 'PUBLISHED',
isPublic: true
});
// Find organization apps
const orgApps = await App.find({
organizationId: orgId
});
Security
API Key Management
- API keys are hashed using SHA-256
- Never store or transmit plain text keys
- Keys are generated using crypto-random
Webhook Security
- Optional endpoint secrets for verification
- HMAC signatures for webhook payloads
- Timeout limits to prevent hanging
App Lifecycle
Development Flow
- DEVELOPMENT: App created, private to developer
- SUBMITTED: Submitted for review
- REJECTED: Failed review (with notes)
- PUBLISHED: Available in public store
Review Process
// Submit for review
app.appStoreStatus = 'SUBMITTED';
app.reviewNotes = 'Ready for review';
await app.save();
// Review decision
app.appStoreStatus = 'PUBLISHED';
app.reviewedBy = 'reviewer@mentraos.com';
app.reviewedAt = new Date();
await app.save();
Best Practices
- Validate package names - Use reverse domain notation
- Version semantically - Follow semver (1.0.0)
- Declare all permissions - Be transparent
- Provide documentation - Help users understand
- Test webhooks - Ensure they’re responsive
- Handle errors gracefully - Don’t crash user sessions
Example Usage
Creating an App
const app = new App({
packageName: 'com.example.translator',
name: 'Universal Translator',
description: 'Real-time translation for smart glasses',
version: '1.0.0',
type: 'UI',
// Organization
organizationId: orgId,
// Settings
settings: [
{
key: 'targetLanguage',
type: 'SELECT',
label: 'Target Language',
defaultValue: 'es',
options: [
{ label: 'Spanish', value: 'es' },
{ label: 'French', value: 'fr' }
]
}
],
// Permissions
permissions: [
{
type: 'TRANSCRIPTION',
reason: 'To capture speech for translation',
required: true
},
{
type: 'DISPLAY',
reason: 'To show translations',
required: true
}
],
// Webhooks
webhooks: {
start: {
url: 'https://api.example.com/webhook/start',
headers: { 'X-API-Key': 'webhook-key' }
}
},
// Store info
appStoreStatus: 'DEVELOPMENT',
isPublic: false,
logo: 'https://example.com/logo.png',
supportUrl: 'support@example.com'
});
// Hash the API key before saving
app.hashedApiKey = hashApiKey('app_secret_key');
await app.save();
Finding Apps for User
// Get user's installed apps
const user = await User.findOne({ email: 'user@example.com' });
const installedPackageNames = user.installedApps.map(a => a.packageName);
// Find app details
const apps = await App.find({
packageName: { $in: installedPackageNames },
appStoreStatus: 'PUBLISHED'
}).lean();
