Can I use this for both REST and GraphQL APIs?

Absolutely. The skill is designed to provide security architecture guidance that applies to any API architecture, including REST and GraphQL.

How does it handle sensitive credentials?

The skill includes strict safety instructions to never log secrets, tokens, or credentials, and focuses on planning secure storage and rotation instead.

Is this skill suitable for multi-tenant applications?

Yes, it includes specific instructions for defining tenants and flows to ensure data isolation and secure access across different user groups.

Does this skill support OAuth2 and social login?

Yes, it provides specific guidance and implementation patterns for OAuth2, Social Login, and OpenID Connect (OIDC).

Auth Implementation Patterns

Name: Auth Implementation Patterns
Author: lwhguge-dot

bylwhguge-dot

0•

セキュリティとテスト

Implements secure authentication and authorization flows using industry-standard patterns like JWT, OAuth2, and RBAC.

The Auth Implementation Patterns skill provides comprehensive guidance for building and hardening robust identity systems within modern applications. It assists developers in designing secure token lifecycles, managing session states, and enforcing Role-Based Access Control (RBAC) while adhering to contemporary threat models. By streamlining the implementation of strategies like JWT, OIDC, and social logins, this skill ensures that backend services and APIs remain secure, scalable, and compliant with the principle of least privilege.

主な機能

010 GitHub stars

02Threat modeling and boundary definition for multi-tenant environments.

03Best practices for secret storage, rotation, and security audit logging.

04Granular Role-Based Access Control (RBAC) and policy enforcement point design.

05Design and implementation of JWT, OAuth2, and OIDC authentication strategies.

06Comprehensive session management and secure token lifecycle planning.

ユースケース

01Securing REST or GraphQL APIs with production-grade authorization logic.

02Hardening existing identity flows against common security vulnerabilities and threats.

03Integrating social login or Single Sign-On (SSO) into a new or existing project.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add lwhguge-dot/online-education-platform auth-implementation-patterns

For use in Claude.ai and ChatGPT

主な機能

010 GitHub stars

02Threat modeling and boundary definition for multi-tenant environments.

03Best practices for secret storage, rotation, and security audit logging.

04Granular Role-Based Access Control (RBAC) and policy enforcement point design.

05Design and implementation of JWT, OAuth2, and OIDC authentication strategies.

06Comprehensive session management and secure token lifecycle planning.

ユースケース

01Securing REST or GraphQL APIs with production-grade authorization logic.

02Hardening existing identity flows against common security vulnerabilities and threats.

03Integrating social login or Single Sign-On (SSO) into a new or existing project.

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add lwhguge-dot/online-education-platform auth-implementation-patterns

For use in Claude.ai and ChatGPT