descope-auth

Integrate Descope authentication into applications. Use when implementing login, signup, passwordless auth (OTP, Magic Link, Passkeys), OAuth, SSO, or MFA. Detects framework and provides targeted guidance.

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "descope-auth" with this command: npx skills add descope/skills/descope-skills-descope-auth

Descope Authentication

Integrate secure, passwordless authentication using Descope Flows and SDKs.

Framework Detection

Detect the user's framework and use the appropriate reference:

If project has...Use reference
next in package.jsonreferences/nextjs.md
react (no Next.js)references/react.md
Python/Node.js backend onlyreferences/backend.md

Quick Start (all frameworks)

  1. Get Project ID from https://app.descope.com/settings/project
  2. Set environment variable: NEXT_PUBLIC_DESCOPE_PROJECT_ID=<your-id>
  3. Follow framework-specific reference

Valid Flow IDs (CRITICAL - do not invent others)

Flow IDPurpose
sign-up-or-inCombined signup/login (RECOMMENDED)
sign-upRegistration only
sign-inLogin only
step-upMFA step-up authentication
update-userProfile updates, add auth methods

Authentication Methods

MethodWhen to use
OTP (Email/SMS)Quick verification codes
Magic LinkPasswordless email links
PasskeysBiometric/WebAuthn (most secure)
OAuthSocial login (Google, GitHub, etc.)
SSOEnterprise SAML/OIDC
PasswordsTraditional auth (not recommended)

DO NOT (Security Guardrails)

  • DO NOT parse JWTs manually - always use SDK's validateSession()
  • DO NOT store tokens in localStorage - SDK handles this securely
  • DO NOT invent flow IDs - only use IDs from the table above
  • DO NOT skip server-side validation - always validate on backend
  • DO NOT expose DESCOPE_MANAGEMENT_KEY in client code

References

  • references/nextjs.md - Next.js App Router integration
  • references/react.md - React SPA integration
  • references/backend.md - Backend session validation

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

General

descope-terraform

No summary provided by upstream source.

Repository SourceNeeds Review
6-descope
General

Find Skills for ClawHub

Search for and discover OpenClaw skills from ClawHub (the official skill registry). Activate when user asks about finding skills, installing skills, or wants...

Registry SourceRecently Updated
2771Profile unavailable
General

Skill Listing Polisher

Improve a skill's public listing before publish. Use when tightening title, description, tags, changelog, and scan-friendly packaging so the listing looks cl...

Registry SourceRecently Updated
1130Profile unavailable
General

Skill Priority Setup

Scans installed skills, suggests L0-L3 priority tiers, and auto-configures skill injection policy. Use when: setting up skill priorities, optimizing token bu...

Registry SourceRecently Updated
2500Profile unavailable
descope-auth | V50.AI