auth-implementation-patterns

Sécurité & Conformité

Master authentication and authorization patterns including JWT, OAuth2, session management, and RBAC to build secure, scalable access control systems. Use when implementing auth systems, securing APIs, or debugging security issues.

Documentation

Authentication & Authorization Implementation Patterns

Build secure, scalable authentication and authorization systems using industry-standard patterns and modern best practices.

Use this skill when

Implementing user authentication systems
Securing REST or GraphQL APIs
Adding OAuth2/social login or SSO
Designing session management or RBAC
Debugging authentication or authorization issues

Do not use this skill when

You only need UI copy or login page styling
The task is infrastructure-only without identity concerns
You cannot change auth policies or credential storage

Instructions

Define users, tenants, flows, and threat model constraints.
Choose auth strategy (session, JWT, OIDC) and token lifecycle.
Design authorization model and policy enforcement points.
Plan secrets storage, rotation, logging, and audit requirements.
If detailed examples are required, open resources/implementation-playbook.md.

Safety

Never log secrets, tokens, or credentials.
Enforce least privilege and secure storage for keys.

Resources

resources/implementation-playbook.md for detailed patterns and examples.

Compétences similaires

Explorez d'autres agents de la catégorie Sécurité & Conformité

Voir tout le catalogue

Pentest Checklist

This skill should be used when the user asks to "plan a penetration test", "create a security assessment checklist", "prepare for penetration testing", "define pentest scope", "follow security testing best practices", or needs a structured methodology for penetration testing engagements.

VOIR LA FICHE

frontend-mobile-security-xss-scan

"You are a frontend security specialist focusing on Cross-Site Scripting (XSS) vulnerability detection and prevention. Analyze React, Vue, Angular, and vanilla JavaScript code to identify injection poi"

VOIR LA FICHE

error-diagnostics-smart-debug

"Use when working with error diagnostics smart debug"

VOIR LA FICHE
Utiliser l'Agent auth-implementation-patterns - Outil & Compétence IA | Skills Catalogue | Skills Catalogue