Does this skill support PKCE?

Yes, it provides implementation patterns for Authorization Code flow with PKCE, specifically designed for securing public clients like Single Page Applications (SPAs) and mobile apps.

Can I use this for SSO integrations?

Absolutely. This skill is optimized for building Single Sign-On (SSO) systems and integrating third-party identity providers using the OIDC standard.

Does it cover token security best practices?

Yes, the skill emphasizes critical security requirements such as storing tokens in HttpOnly cookies, implementing token rotation, and enforcing short-lived access tokens.

What authentication flows are included?

The skill includes patterns for Authorization Code flow (with and without PKCE), Client Credentials for service-to-service auth, and Refresh Token logic for session renewal.

OAuth Implementation

Name: OAuth Implementation
Author: secondsky

bysecondsky

•

Seguridad y Pruebas

Implements secure OAuth 2.0 and OpenID Connect authentication flows for web and mobile applications.

This skill enables Claude to architect and implement industry-standard authentication systems using OAuth 2.0 and OpenID Connect (OIDC). It provides domain-specific patterns for Authorization Code flows, PKCE for public clients, and secure token management, ensuring that applications handle third-party integrations, SSO, and API access with production-grade security measures like HTTPS enforcement, state validation, and token rotation.

Características Principales

01PKCE support for SPAs and mobile apps

02Secure token management and rotation

03Security best practice enforcement

0421 GitHub stars

05Authorization Code flow implementation

06OpenID Connect (OIDC) integration

Casos de Uso

01Implementing secure API token refresh logic

02Building secure SSO systems

03Integrating third-party OAuth providers

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add secondsky/claude-skills oauth-implementation

For use in Claude.ai and ChatGPT

Download Skill