auth-flow-design
Community
Choose the safest OAuth/OIDC auth flow.
Software Engineering
#oauth, #oidc, #pkce, #authentication design, #refresh token rotation, #logout coordination, #security evidence
Author: vTRKA
Version: 1.0.0
Installs: 0
System Documentation
What problem does it solve?
This Skill prevents insecure or incompatible authentication implementations by forcing a deliberate OAuth 2.1 / OIDC flow choice before writing auth code.
Core Features & Use Cases
- Auth-flow selection: Picks the correct OAuth/OIDC flow by client type (authorization-code + PKCE, client-credentials, or device authorization) and rejects risky mismatches like ROPC and token storage in localStorage.
- Refresh, storage, and logout design: Defines refresh-token rotation, cookie vs token storage boundaries, and logout coordination across SPA/mobile/API/IdP.
- Evidence-first output: Produces a concrete design handoff (and blocks when required evidence/capability/approvals are missing) with confidence scoring.
Quick Start
Tell the AI tool which app and clients you are building, then ask it to design your authentication and authorization flow, including redirect URIs, PKCE, refresh rotation, storage, and logout steps.
Dependency Matrix
Required Modules
None required
Components
references
💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill:
Name: auth-flow-design
Download link: https://github.com/vTRKA/supervibe/archive/main.zip#auth-flow-design
Please download this .zip file, extract it, and install it in the .claude/skills/ directory.