The Agent Skills Directory

[SAFE]: The skill provides comprehensive and accurate instructions for configuring Single Sign-On (SSO) and SCIM 2.0 across multiple layers of the CockroachDB ecosystem.
[SAFE]: Secret management follows industry best practices by utilizing clear, descriptive placeholders (e.g., <client-secret>, <bind-password>, <service-account-password>) for sensitive credentials.
[SAFE]: The skill contains significant safety documentation, including a dedicated 'Safety Considerations' section and a 'SSO Lockout Recovery' troubleshooting guide, which emphasizes the use of break-glass accounts and secure HBA rule ordering.
[SAFE]: Command execution is limited to official administrative tools (ccloud CLI, cockroach sql) and standard diagnostic utilities (openssl, ldapsearch, curl) for verifying Identity Provider (IdP) connectivity.
[SAFE]: All external references point to official CockroachDB documentation or well-known, trusted identity providers (Okta, Azure AD, Google Workspace).

configuring-sso-and-scim