oracle-idcs-better-auth-setup
Installation
SKILL.md
Oracle IDCS + Better Auth Setup
Entry skill for the full auth foundation: Oracle adapter, OIDC config, trusted origins, callback URLs, provider bootstrap, and cross-app consistency.
This is a router, not a deep implementation guide. Use it to diagnose where the problem lives, then hand off to the right skill.
NEVER
- Never mix full-stack setup guidance with Fastify bridge internals or org provisioning internals — each skill owns its domain.
- Never bootstrap providers from DB on cold-start — seed from env first, then reflect into Oracle provider tables for operator visibility.
- Never write provider bootstrap that overwrites existing operator-managed rows — idempotent create-if-missing only.
- Never skip
urn:opc:idm:__myscopes__from IDCS scopes — its absence silently removes thegroupsclaim from tokens, breaking all role-based logic downstream. - Never trust that OAuth success means local session success — wrong callback URL produces OAuth success followed by local session failure, a misleading failure mode.
Decision Tree: Which Skill Owns This?
Is the problem in the auth foundation (setup, config, bootstrap)?
├── Yes → Stay in this skill