// Create and customize Vana data apps that access users' portable personal data via the Vana Connect SDK. Use when asked to "create a data app", "new vana app", "build an app with user data", "customize the starter", "add a scope", "change data source", or when working with @opendatalabs/connect or the vana-connect-starter repo.
| name | vana-data-app |
| description | Create and customize Vana data apps that access users' portable personal data via the Vana Connect SDK. Use when asked to "create a data app", "new vana app", "build an app with user data", "customize the starter", "add a scope", "change data source", or when working with @opendatalabs/connect or the vana-connect-starter repo. |
Build Next.js applications that access users' portable personal data (ChatGPT conversations,
Instagram posts, Spotify saved tracks, etc.) via the Vana Connect protocol. Apps use the
@opendatalabs/connect SDK for session creation, grant polling, and data retrieval.
The data flow has three steps, all handled by the SDK:
connect(config) returns a connectUrl deep link + sessionIduseVanaData() hook polls until the user approves in DataConnectgetData({ privateKey, grant, environment }) retrieves user dataThe grant flow: Builder backend creates session via Session Relay, user approves in DataConnect desktop app, DataConnect registers an on-chain grant (EIP-712 signed), builder fetches data from the user's Personal Server using the grant.
| File | What to change |
|---|---|
.env.local | Set VANA_SCOPES (comma-separated scope keys) |
src/app/manifest.json/route.ts | App name, short_name, privacy/terms/support URLs |
src/components/ConnectFlow.tsx | UI — redesign data display, add visualizations, features |
src/app/page.tsx | Homepage — title, description, branding, layout |
src/app/globals.css | Styling — colors, typography, components |
src/app/layout.tsx | Metadata — page title, description |
src/app/icon.svg | App icon (DataConnect resolves /icon.svg → /icon.png → /favicon.ico) |
| File | Why |
|---|---|
src/app/api/connect/route.ts | Thin SDK wrapper — works as-is |
src/app/api/data/route.ts | Thin SDK wrapper — works as-is |
src/app/api/webhook/route.ts | Stub — extend for production but don't break the interface |
Ask the user (if not clear):
chatgpt.conversations, instagram.posts)Available scope schemas: https://github.com/vana-com/data-connectors/tree/main/schemas
Scope key rule: use the schema filename without .json (for example spotify.savedTracks.json -> spotify.savedTracks).
If starting fresh:
git clone https://github.com/vana-com/vana-connect-starter.git my-data-app
cd my-data-app
pnpm install
cp .env.local.example .env.local
Required environment variables:
VANA_PRIVATE_KEY — App private key (get it from https://account.vana.org/admin)APP_URL — http://localhost:3001 for dev, HTTPS domain for production (no trailing slash)VANA_SCOPES — Comma-separated scope keys, e.g. chatgpt.conversations,instagram.postsSet scopes in .env.local:
VANA_SCOPES=chatgpt.conversations
# or
VANA_SCOPES=chatgpt.conversations,instagram.posts
src/config.ts reads VANA_SCOPES and validates required env vars (VANA_PRIVATE_KEY, APP_URL, VANA_SCOPES) at startup:
import { createVanaConfig } from "@opendatalabs/connect/server";
const scopes = (process.env.VANA_SCOPES ?? "")
.split(",")
.map((scope) => scope.trim())
.filter(Boolean);
const appUrl = (process.env.APP_URL ?? "").trim().replace(/\/+$/, "");
const privateKey = (process.env.VANA_PRIVATE_KEY ?? "").trim();
if (scopes.length === 0) {
throw new Error("Missing VANA_SCOPES");
}
if (!appUrl) {
throw new Error("Missing APP_URL");
}
if (!privateKey || !/^0x[0-9a-fA-F]{64}$/.test(privateKey)) {
throw new Error("Invalid VANA_PRIVATE_KEY");
}
export const config = createVanaConfig({
privateKey: privateKey as `0x${string}`,
scopes,
appUrl,
});
Edit src/app/manifest.json/route.ts — change the manifest object:
const manifest = {
name: "Your App Name",
short_name: "YourApp",
start_url: "/",
display: "standalone",
background_color: "#09090b",
theme_color: "#09090b",
icons: [{ src: "/icon.svg", sizes: "any", type: "image/svg+xml" }],
vana: vanaBlock,
};
Update the URLs passed to signVanaManifest():
privacyPolicyUrltermsUrlsupportUrlwebhookUrlThe ConnectFlow component uses useVanaData() from @opendatalabs/connect/react:
const {
status, // "idle" | "connecting" | "waiting" | "approved" | "denied" | "expired" | "error"
grant, // { grantId, userAddress, builderAddress, scopes, serverAddress? }
data, // Fetched user data (Record<string, unknown>)
error, // Error message string
connectUrl, // Deep link URL to DataConnect
initConnect, // Start session
fetchData, // Retrieve data using grant
isLoading, // Loading state boolean
} = useVanaData();
Status flow: idle → connecting → waiting → approved → (fetch data)
The component must:
initConnect() once on mount (use useRef guard in StrictMode)connectUrl when status is waitingfetchData() after approval to get user dataIMPORTANT — Actual response shape from useVanaData().data:
The /api/data route returns { data: ... } and the hook exposes the full response body.
Each scope value is NOT a bare array — it's an envelope with schema metadata and a nested data object:
{
"data": { // from /api/data response
"chatgpt.conversations": { // scope key
"$schema": "https://...schema.json",
"version": "1.0",
"scope": "chatgpt.conversations",
"collectedAt": "2026-03-01T20:26:46Z",
"data": { // actual payload
"conversations": [...]
}
}
}
}
To extract conversations: data.data["chatgpt.conversations"].data.conversations
Timestamps like create_time may be ISO 8601 strings (e.g. "2025-12-31T07:59:14.849720Z")
rather than Unix timestamps. Always handle both formats when parsing dates.
pnpm dev # Opens on http://localhost:3001
E2E flow:
@opendatalabs/connect/server)import { createVanaConfig, connect, getData, signVanaManifest } from "@opendatalabs/connect/server";
createVanaConfig({ privateKey, scopes, appUrl }) — Creates config objectconnect(config) — Creates session, returns { sessionId, connectUrl, expiresAt }getData({ privateKey, grant, environment }) — Fetches data from Personal ServersignVanaManifest({ privateKey, appUrl, ... }) — Signs manifest for identity verification@opendatalabs/connect/react)import { useVanaData } from "@opendatalabs/connect/react";
@opendatalabs/connect/core)import { ConnectError, isValidGrant } from "@opendatalabs/connect/core";
import type { ConnectionStatus } from "@opendatalabs/connect/core";
@opendatalabs/connect ^0.8.1viem ^2.0.0 (Ethereum utilities)@/* → ./src/*.env.local overrides .env — Next.js loads .env.local with higher priority. If
.env.local has placeholder values like VANA_PRIVATE_KEY=0x..., they override real values
in .env. Use only one env file, or ensure .env.local has the real key.
API errors are swallowed — The catch blocks in API routes return generic messages.
Always include console.error logging to see the actual error in the terminal.
Data is deeply nested — The response from getData() wraps each scope in an envelope
with $schema, version, collectedAt, and a nested data object containing the actual
payload. Don't assume scope_key → array — it's scope_key → envelope → data → array.
Timestamps are ISO strings — Connector schemas return create_time as ISO 8601 strings
(e.g. "2025-12-31T07:59:14Z"), not Unix timestamps. Parse with new Date(value), not
parseFloat(value).
VANA_PRIVATE_KEY to the client — all signing happens server-sideinitConnect() without a useRef guard — React StrictMode will double-fire it