Devin
Devin is Cognition’s cloud coding agent — it can read an issue, work through a fix on its own infrastructure, and open a pull request for review. A Devin connection in Firetiger surfaces Devin in the Fix ▾ dropdown on every issue, and can be selected as the Autofix agent so newly actionable issues are dispatched to Devin automatically.
This page covers setting up the connection. For the end-to-end workflow (what happens after you click Fix), see Fixing issues with coding agents.
Recommended: Create and manage connections via the web UI at https://ui.cloud.firetiger.com/integrations/connections.
Prerequisites
- A Devin plan that includes service users (Devin’s machine-credential mechanism). Firetiger uses Devin’s v3 organization-scoped API, which authenticates with service-user keys (
cog_...) — legacy personal API keys (apk_...) are not supported. - Permission to create service users in your Devin organization (Settings → Service users).
Installation
-
In Devin settings, go to Service users and create a service user for Firetiger. Grant it these permissions:
Permission Why Firetiger needs it ManageOrgSessions Launch new Devin sessions when you click Fix (or Autofix does) ViewOrgSessions Read session status back on demand Copy the generated API key — it starts with
cog_. While you’re on this page, also note your organization ID (org-...); you may need it in step 3. -
In the Firetiger UI, navigate to Integrations → Connections, click New Connection, and select Devin from the picker.
-
Fill in the form:
Field Description Display name Shows up verbatim in the Fix ▾dropdown. If you have multiple Devin connections (e.g., one per team), give each a distinct name like “Devin — platform team”.Description Free-text context. Not shown to Devin itself; just helps your teammates recognize the connection. API Key Paste the cog_...value from step 1. Stored encrypted and never returned via the API; omit it on subsequent edits to keep the existing value.Organization ID Optional. Leave blank and Firetiger auto-detects it from the key at save time via Devin’s /v3/selfendpoint. Auto-detection requires the ReadAccountMeta permission (an enterprise-level grant many minimal service users lack) — if the save fails asking for the org ID, paste theorg-...value from step 1.Default repository Optional. Fallback GitHub repository (e.g. https://github.com/owner/repo) used to seed the Devin session when the issue carries no GitHub link. A GitHub link on the issue takes precedence. Leave empty to require a link on every issue.Max ACU limit Optional. Per-session ACU spend cap forwarded to Devin. A useful guardrail when Autofix launches sessions automatically. 0 or empty means no cap. -
Click Create Connection. Firetiger validates the API key (and organization ID) against Devin before saving, so a bad credential fails fast instead of surfacing later as a broken
Fixbutton. Once saved, Devin appears in theFix ▾dropdown on any issue.
What gets created
A single Connection resource with:
| Field | Value |
|---|---|
connection_id |
Whatever you supplied in Display name, kebab-cased, or an auto-generated devin-... id |
connection_type |
CONNECTION_TYPE_DEVIN |
display_name |
The value you entered |
secret_id |
Managed by Firetiger’s secrets backend — the API key itself is never returned |
No webhooks, no GitHub App install, no extra side effects — just a stored credential and a row that shows up in the Fix dropdown.
How fixing works
Clicking Fix ▾ → Devin (or an Autofix dispatch) launches a Devin session seeded with the issue’s description and investigation details, plus the repository from the issue’s GitHub link (falling back to the connection’s Default repository). The session opens in Devin’s own UI at app.devin.ai, and its URL is written onto the issue’s links so you can jump back to it later.
Devin works through the fix on its own infrastructure and opens a pull request that references the issue’s call sign (Fixes FT-42), so the merge is tracked through Verifying Fix → Resolved like any other coding-agent fix. Firetiger does not poll Devin — session status is fetched on demand when you ask for it.
Troubleshooting
- Save fails asking for an organization ID — the key can’t auto-detect its org because it lacks the ReadAccountMeta permission on Devin’s
/v3/selfendpoint. Copy theorg-...value from the same Settings → Service users page where you created the key and paste it into the Organization ID field. - Save rejects the credentials — check that the key starts with
cog_(legacyapk_keys are not supported), that the service user has both ManageOrgSessions and ViewOrgSessions, and that the organization ID (if you entered one) belongs to the same org as the key.
Revoking a key
To rotate a compromised or expired Devin key:
- Revoke the service user’s key in Devin under Settings → Service users.
- In Firetiger, go to Integrations → Connections, find the Devin connection, click Edit, and paste the new key.
If you omit the API key on edit, Firetiger keeps the previous value — useful for updating only the display name, default repository, or ACU limit without touching the credential.
Related
- Fixing issues with coding agents — end-to-end workflow, from
Fix ▾click to closed issue - Autofix API — launch a coding agent automatically when an issue becomes Actionable
- Coding Agents API — programmatic access to launch / list / get sessions
- Connections API — create and update the underlying Devin connection via API