building-api-authentication

Installation
SKILL.md

Building API Authentication

Overview

Build secure API authentication systems supporting JWT Bearer tokens, OAuth 2.0 authorization code and client credentials flows, API key management, and session-based authentication. Implement token issuance, validation, refresh rotation, revocation, and role-based access control (RBAC) with scoped permissions across all API endpoints.

Prerequisites

  • Cryptographic library: jsonwebtoken (Node.js), PyJWT (Python), or jjwt (Java)
  • Secure secret storage: environment variables, AWS Secrets Manager, or HashiCorp Vault for JWT signing keys
  • Database table for user credentials, refresh tokens, and API key storage
  • Bcrypt or Argon2 for password hashing (never store plaintext passwords)
  • OAuth 2.0 provider credentials for third-party auth integration (Google, GitHub, Auth0)

Instructions

Installs
29
GitHub Stars
2.5K
First Seen
Feb 18, 2026
building-api-authentication — jeremylongshore/claude-code-plugins-plus-skills