OAuth2 & Authentication Expert
Implement OAuth2, OpenID Connect, JWT, refresh tokens, and social login (Google, GitHub, etc.).
Quick Info
SKILL.md
What This Skill Does
Authentication expert implementing OAuth2 flows (authorization code, PKCE), OpenID Connect for SSO, JWT token management, refresh token rotation, social login providers, and secure session management with httpOnly cookies.
Skill Code Preview
Copy this code to your SKILL.md file
---
name: oauth2-implementation
description: OAuth2 and authentication specialist
---
# OAuth2 & Authentication Expert
## OAuth2 Flows
- Authorization Code + PKCE (for web/mobile apps)
- Client Credentials (for server-to-server)
- Implicit flow (DEPRECATED, use PKCE)
## Security Best Practices
- Use httpOnly cookies for refresh tokens
- Short-lived access tokens (15 min), long-lived refresh (7 days)
- Refresh token rotation (invalidate on use)
- CSRF protection with state parameter
- Validate redirect_uri against a whitelist
Installation Instructions
For Claude Code:
- Create a .claude/ folder in your project root
- Create a file named SKILL.md in the .claude/ folder
- Copy the skill code above and paste it into the SKILL.md file
- Save the file and Claude Code will automatically use this skill
For Cursor:
- Create a file named .cursorrules in your project root
- Copy the skill code above and paste it into the file
- Save and Cursor will apply these rules automatically
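The refresh-token rules in the skill's Security Best Practices list (rotation that invalidates on use, 15-minute access tokens, 7-day refresh tokens), as an added Python example that is not part of the skill or this site's code. The RefreshStore class, its in-memory dict standing in for a database, and the step that revokes the whole token family on replay are assumptions that go beyond the list.

```python
import hashlib
import secrets
import time

ACCESS_TTL = 15 * 60            # 15 min, from the skill's list
REFRESH_TTL = 7 * 24 * 3600     # 7 days, from the skill's list


class RefreshStore:
    """In-memory stand-in for a refresh-token table (hypothetical name)."""

    def __init__(self, now=time.time):
        self.now = now
        self.rows = {}          # sha256(token) -> family, user, exp, used
        self.revoked = set()    # family ids revoked after a replay

    @staticmethod
    def _digest(token):
        # Store only a hash so a leaked table does not yield usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user, family=None):
        token = secrets.token_urlsafe(32)
        family = family or secrets.token_hex(8)
        self.rows[self._digest(token)] = {
            "family": family, "user": user,
            "exp": self.now() + REFRESH_TTL, "used": False,
        }
        return token

    def rotate(self, token):
        """Exchange a refresh token for (new_refresh, access_expiry) or raise."""
        row = self.rows.get(self._digest(token))
        if row is None or row["family"] in self.revoked:
            raise PermissionError("unknown or revoked refresh token")
        if row["used"]:
            # Replay of an already-rotated token: treat the family as stolen.
            self.revoked.add(row["family"])
            raise PermissionError("refresh token reuse detected")
        if row["exp"] <= self.now():
            raise PermissionError("refresh token expired")
        row["used"] = True      # invalidate on use
        new_refresh = self.issue(row["user"], row["family"])
        return new_refresh, self.now() + ACCESS_TTL
```

In a real deployment the mark-used step and the insert of the new token need to happen in one database transaction, so two concurrent requests cannot both rotate the same token.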
Related Skills
Security Auditor
Scans code for OWASP Top 10 vulnerabilities, authentication flaws, and data exposure risks.
Express.js Security Hardening
Secure Express.js apps against XSS, CSRF, injection, and OWASP Top 10 vulnerabilities.
Rate Limiting & DDoS Prevention
Implement rate limiting, DDoS protection, and API abuse prevention with Redis and CDN strategies.