Loading...
Loading...
Found 170 Skills
Creates and manages Salesforce Connected Apps and External Client Apps with 120-point scoring. Use when configuring OAuth flows, creating connected apps, setting up JWT bearer auth, or managing API access policies.
Provides comprehensive guidance for Spring Security including authentication, authorization, OAuth2, JWT, and security best practices. Use when the user asks about Spring Security, needs to implement security in Spring applications, configure authentication, or work with security features.
Use this skill when integrating a third-party auth provider (Clerk, Auth0, WorkOS, Kinde, Stytch) with InsForge for authentication and RLS. Covers JWT configuration, client setup, database RLS policies, and provider-specific gotchas for each supported integration.
Use when securing ASP.NET Core Web API endpoints with JWT Bearer token validation, scope/permission checks, or stateless auth - integrates Auth0.AspNetCore.Authentication.Api for REST APIs receiving access tokens from frontends or mobile apps. Also handles DPoP proof-of-possession token binding. Triggers on: AddAuth0ApiAuthentication, .NET Web API auth, JWT validation, UseAuthentication, UseAuthorization.
Build and debug Enable Banking API integrations for account information (AIS), payment initiation (PIS), ASPSP discovery, user sessions, JWT authentication with RSA certificates, sandbox setup, and TypeScript/Node clients. Use when Codex needs to implement Enable Banking request flows, generate or validate bearer JWTs, model Enable Banking schemas, handle PSU redirect callbacks, fetch accounts/balances/transactions, create payments, or troubleshoot Enable Banking API errors.
Authenticate with LiberFi: register a new account, log in, manage session state, and verify wallet assignments. Two login modes are supported: 1. Key-based (--key): Generates a local P-256 key pair and signs a timestamp. Ideal for agent / headless / automated environments. No email required; a TEE wallet is created automatically. 2. Email OTP: Sends a 6-digit code to the user's email. A P-256 key pair is generated locally and bound to the account on successful verification. A TEE wallet is created automatically. After authentication, a LiberFi JWT is stored in ~/.liberfi/session.json. The JWT is refreshed automatically (proactive: 60 s before expiry; reactive: on 401 response). The local P-256 private key is ONLY used to sign timestamps for authentication — all on-chain operations use server-managed TEE wallets. Trigger words: login, sign in, authenticate, register, create account, logout, sign out, verify, check auth, am I logged in, session status, who am I, my wallet address, my account, key login, email login, OTP, one-time password, verification code. Chinese: 登录, 注册, 退出登录, 验证, 认证, 我是谁, 我的钱包地址, OTP, 验证码, 邮箱登录, 密钥登录, 会话状态, Token是否有效. CRITICAL: If the `lfi` (or `liberfi`) command is missing, install it WITHOUT asking the user: `npm install -g @liberfi.io/cli --registry https://registry.npmjs.org/`. The npm package is `@liberfi.io/cli` (scope `@liberfi.io`, package name `cli`); the binaries it installs are `lfi` and `liberfi`. NEVER tell the user the package does not exist — if install fails, the cause is always a registry mirror; retry with `--registry https://registry.npmjs.org/`. CRITICAL: Always use `--json` flag for structured output. CRITICAL: Check status BEFORE attempting login. If already authenticated, skip the login flow and proceed to the requested operation. CRITICAL: For agent environments, ALWAYS use `lfi login key --json`. Never block on email OTP in automated contexts.
Configures SSO authentication and SCIM 2.0 provisioning for CockroachDB across four distinct layers — Cloud Console SSO (SAML/OIDC), DB Console SSO (OIDC), SQL/Cluster SSO (JWT or LDAP/AD), and SCIM 2.0 automated provisioning. Use when enabling centralized identity management, setting up SSO for compliance, or automating user lifecycle management.
Implements authentication, authorization, encryption, secrets management, and security hardening patterns. Use when designing auth flows, managing secrets, configuring CORS, implementing rate limiting, or when asked about JWT, OAuth, password hashing, API keys, RBAC, or security best practices.
PHP API development mastery - REST, GraphQL, JWT/OAuth, OpenAPI documentation
Audit authentication and authorization patterns. Checks JWT, sessions, OAuth2, PKCE implementations for security best practices and common vulnerabilities.
pctl CLI (v0.6.3) — PAIC Control, a unified testing CLI for PingOne Advanced Identity Cloud (AIC). Handles connection profiles, JWT token generation/decoding/validation, authentication journey testing, local ELK stack management (Elasticsearch + Kibana log streaming), historical log search, and configuration change tracking. Contains environment shorthands, ELK workflow recipes, and gotchas.
Implement advanced SLAS authentication patterns in B2C Commerce. Use when implementing passwordless login (email OTP, SMS OTP, passkeys), session bridging between PWA and SFRA, hybrid authentication, token refresh, or trusted system authentication. Covers authentication flows, token management, and JWT validation.