bkend-auth

bkend.ai authentication and security expert skill. Covers email signup/login, social login (Google, GitHub), magic link, JWT tokens (Access 1h, Refresh 7d), session management, RBAC (admin/user/self/guest), RLS policies, password management, and account lifecycle. Triggers: signup, login, JWT, session, social login, RBAC, RLS, password, token, 회원가입, 로그인, 토큰, 세션, 권한, 보안정책, 비밀번호, ログイン, 認証, セッション, 権限, パスワード, 登录, 认证, 会话, 权限, 密码, registro, inicio de sesion, permisos, contrasena, inscription, connexion, permissions, mot de passe, Registrierung, Anmeldung, Berechtigungen, Passwort, registrazione, accesso, permessi, password Do NOT use for: database CRUD (use bkend-data), file storage (use bkend-storage), enterprise-level security architecture (use security-architect).

Safety Notice

This listing is imported from skills.sh public index metadata. Review upstream SKILL.md and repository scripts before running.

Copy this and send it to your AI assistant to learn

Install skill "bkend-auth" with this command: npx skills add popup-studio-ai/bkit-claude-code/popup-studio-ai-bkit-claude-code-bkend-auth

bkend.ai Authentication & Security Guide

Auth Methods

MethodDescription
Email + PasswordEmail/password signup and login
Social (Google)OAuth 2.0 social login
Social (GitHub)OAuth 2.0 social login
Magic LinkEmail link login (no password)

JWT Token Structure

  • Access Token: 1 hour validity
  • Refresh Token: 7 days validity
  • Auto-refresh: POST /v1/auth/refresh

Password Policy

8+ characters, uppercase + lowercase + numbers + special characters

MCP Auth Workflow

bkend MCP does NOT have dedicated auth tools. Use this workflow:

  1. Search docs: search_docs with query "email signup" or "social login"
  2. Get examples: search_docs with query "auth code examples"
  3. Generate code: AI generates REST API code based on search results

Searchable Auth Docs

Doc IDContent
3_howto_implement_authSignup, login, token management guide
6_code_examples_authEmail, social, magic link code examples

Key Pattern

User: "Add social login"
  → search_docs(query: "social login implementation")
  → Returns auth guide with REST API patterns
  → AI generates social login code

REST Auth API (Core Endpoints)

For the complete endpoint list, use search_docs or check Live Reference.

MethodEndpointDescription
POST/v1/auth/email/signupSign up
POST/v1/auth/email/signinSign in
GET/v1/auth/meCurrent user
POST/v1/auth/refreshRefresh token
POST/v1/auth/signoutSign out
GET/POST/v1/auth/:provider/callbackSocial login callback
POST/v1/auth/password/reset/requestPassword reset
POST/v1/auth/password/reset/confirmConfirm reset
POST/v1/auth/password/changeChange password
GET/v1/auth/sessionsList sessions
DELETE/v1/auth/sessions/:sessionIdRemove session
DELETE/v1/auth/withdrawDelete account

Additional endpoints (MFA, invitations, user management): use search_docs or Live Reference.

RBAC (Role-Based Access Control)

GroupDescriptionScope
adminFull CRUDAll data
userAuthenticated userFull read, own write
selfOwner onlycreatedBy-based
guestUnauthenticatedRead only (usually)

RLS (Row Level Security)

  • Per-table row-level access control
  • 4-level policies: admin/user/self/guest
  • Auto-filtering based on createdBy field

Session Management

  • Per-device session tracking
  • GET /v1/auth/sessions - List sessions
  • DELETE /v1/auth/sessions/:sessionId - Remove session

Official Documentation (Live Reference)

For the latest authentication documentation, use WebFetch:

Source Transparency

This detail page is rendered from real SKILL.md content. Trust labels are metadata-based hints, not a safety guarantee.

Open in GitHubOpen in ClawHub

Related Skills

Related by shared tags or category signals.

Security

phase-7-seo-security

No summary provided by upstream source.

Repository SourceNeeds Review
-27
popup-studio-ai
Coding

desktop-app

No summary provided by upstream source.

Repository SourceNeeds Review
-69
popup-studio-ai
Coding

mobile-app

No summary provided by upstream source.

Repository SourceNeeds Review
-63
popup-studio-ai