[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"extension-skill-auth0-express-oauth2-jwt-bearer-de":3,"guides-for-auth0-express-oauth2-jwt-bearer":806,"similar-k172a96fyh4jrhrb5qc6tfrbp986nrey-de":807},{"_creationTime":4,"_id":5,"children":6,"community":7,"display":9,"evaluation":15,"identity":264,"isFallback":261,"parentExtension":269,"providers":304,"relations":308,"repo":309,"tags":804,"workflow":805},1778682677410.0369,"k172a96fyh4jrhrb5qc6tfrbp986nrey",[],{"reviewCount":8},0,{"description":10,"installMethods":11,"name":13,"sourceUrl":14},"Use when adding Auth0 token validation to Express or Node.js APIs - integrates express-oauth2-jwt-bearer SDK to protect Node.js API endpoints with JWT Bearer authentication, scope-based RBAC, claim validation, and optional DPoP support",{"claudeCode":12},"auth0/agent-skills","Auth0 Express OAuth2 JWT Bearer","https://github.com/auth0/agent-skills",{"_creationTime":16,"_id":17,"extensionId":5,"locale":18,"result":19,"trustSignals":244,"workflow":262},1778683411303.9475,"kn7a3j3hqhah6bhd809564h4p986n2v2","en",{"checks":20,"evaluatedAt":191,"extensionSummary":192,"features":193,"nonGoals":199,"practices":204,"prerequisites":209,"promptVersionExtension":215,"promptVersionScoring":216,"purpose":217,"rationale":218,"score":219,"summary":220,"tags":221,"targetMarket":229,"tier":230,"useCases":231,"workflow":236},[21,26,29,32,36,39,43,47,50,53,57,61,64,68,71,74,77,80,83,86,89,93,97,101,105,108,112,116,120,123,126,129,132,135,138,142,146,149,152,156,159,162,165,168,172,175,178,181,184,188],{"category":22,"check":23,"severity":24,"summary":25},"Practical Utility","Problem relevance","pass","The description clearly states the problem of adding Auth0 token validation to Node.js APIs and names the specific SDK used.",{"category":22,"check":27,"severity":24,"summary":28},"Unique selling proposition","The skill integrates a specific SDK to provide JWT Bearer authentication, RBAC, and DPoP support, offering value beyond a generic LLM capability.",{"category":22,"check":30,"severity":24,"summary":31},"Production readiness","The extension provides a complete lifecycle for integrating Auth0 JWT validation, including setup, configuration, and endpoint protection.",{"category":33,"check":34,"severity":24,"summary":35},"Scope","Single responsibility principle","The skill focuses specifically on integrating Auth0 JWT bearer token validation into Express/Node.js APIs, adhering to a single responsibility.",{"category":33,"check":37,"severity":24,"summary":38},"Description quality","The displayed description accurately and concisely reflects the functionality of integrating the express-oauth2-jwt-bearer SDK for Auth0 token validation.",{"category":40,"check":41,"severity":24,"summary":42},"Invocation","Scoped tools","The skill exposes specific, well-defined tools for authentication and authorization tasks.",{"category":44,"check":45,"severity":24,"summary":46},"Documentation","Configuration & parameter reference","All configuration options, including environment variables and their precedence, are clearly documented in the `api.md` reference.",{"category":33,"check":48,"severity":24,"summary":49},"Tool naming","The tools and functions exposed by the skill (e.g., `auth`, `requiredScopes`) are descriptively named within the domain of JWT validation.",{"category":33,"check":51,"severity":24,"summary":52},"Minimal I/O surface","Input parameters for the auth function are well-defined, and outputs (like `req.auth`) are structured and focused on authentication payload.",{"category":54,"check":55,"severity":24,"summary":56},"License","License usability","The extension is licensed under the Apache-2.0 license, which is a permissive open-source license.",{"category":58,"check":59,"severity":24,"summary":60},"Maintenance","Commit recency","The repository has recent commits within the last 3 months, indicating active maintenance.",{"category":58,"check":62,"severity":24,"summary":63},"Dependency Management","The project includes a `package.json` and the bootstrap script installs dependencies, indicating management of third-party libraries.",{"category":65,"check":66,"severity":24,"summary":67},"Security","Secret Management","The skill does not handle or echo secrets; it relies on Auth0's JWKS endpoint for token validation and uses environment variables for configuration.",{"category":65,"check":69,"severity":24,"summary":70},"Injection","The skill's operation is contained and does not load external untrusted data as instructions. It validates tokens against a known Auth0 endpoint.",{"category":65,"check":72,"severity":24,"summary":73},"Transitive Supply-Chain Grenades","The skill does not fetch or execute external code at runtime; all dependencies are managed via npm and declared in package.json.",{"category":65,"check":75,"severity":24,"summary":76},"Sandbox Isolation","The skill operates within the Node.js environment and does not attempt to modify files outside its intended scope or the project directory.",{"category":65,"check":78,"severity":24,"summary":79},"Sandbox escape primitives","No detached processes or retry loops around denied calls are present in the provided scripts.",{"category":65,"check":81,"severity":24,"summary":82},"Data Exfiltration","The skill does not exfiltrate confidential data; it only uses configuration variables for Auth0 domain and audience.",{"category":65,"check":84,"severity":24,"summary":85},"Hidden Text Tricks","The bundled content and documentation do not contain hidden text tricks or obfuscation techniques.",{"category":65,"check":87,"severity":24,"summary":88},"Opaque code execution","The provided scripts and SDK code are in plain, readable JavaScript/TypeScript, without obfuscation or dynamic code execution.",{"category":90,"check":91,"severity":24,"summary":92},"Portability","Structural Assumption","The bootstrap script correctly detects common Node.js project structures and creates an `.env` file at the project root.",{"category":94,"check":95,"severity":24,"summary":96},"Trust","Issues Attention","With 1 issue opened and 3 closed in the last 90 days, the closure rate is high, indicating good maintainer engagement.",{"category":98,"check":99,"severity":24,"summary":100},"Versioning","Release Management","The skill has a version ('1.0.0') declared in the frontmatter and a `package.json`, allowing for clear version tracking.",{"category":102,"check":103,"severity":24,"summary":104},"Execution","Validation","Input parameters for the `auth` function are well-defined and validated by the SDK.",{"category":65,"check":106,"severity":24,"summary":107},"Unguarded Destructive Operations","The skill does not perform destructive operations; it only configures middleware for token validation.",{"category":109,"check":110,"severity":24,"summary":111},"Code Execution","Error Handling","The SDK and provided examples demonstrate robust error handling, including RFC 6750 compliant error responses and type checking.",{"category":109,"check":113,"severity":114,"summary":115},"Logging","not_applicable","The skill's primary function is middleware, which does not typically require extensive local audit logging.",{"category":117,"check":118,"severity":24,"summary":119},"Compliance","GDPR","The skill does not operate on personal data; it validates JWTs which may contain user IDs, but does not process or store PII.",{"category":117,"check":121,"severity":24,"summary":122},"Target market","The skill is a general-purpose authentication middleware and has no regional or jurisdictional limitations.",{"category":90,"check":124,"severity":24,"summary":125},"Runtime stability","The skill requires standard Node.js and Express, and its dependencies are managed via npm, ensuring cross-platform compatibility.",{"category":44,"check":127,"severity":24,"summary":128},"README","The README file is comprehensive, detailing installation, usage, and related skills.",{"category":33,"check":130,"severity":24,"summary":131},"Tool surface size","The core middleware exposes a focused set of functions (auth, requiredScopes, etc.), well within the target range.",{"category":40,"check":133,"severity":24,"summary":134},"Overlapping near-synonym tools","The exposed functions (auth, requiredScopes, claimIncludes, etc.) have distinct purposes and do not overlap significantly.",{"category":44,"check":136,"severity":24,"summary":137},"Phantom features","All advertised features, such as JWT validation and RBAC, are implemented and supported by the SDK.",{"category":139,"check":140,"severity":24,"summary":141},"Install","Installation instruction","Clear installation instructions for various environments (Claude Code, Cursor, CLI) and a copy-pasteable setup workflow are provided.",{"category":143,"check":144,"severity":24,"summary":145},"Errors","Actionable error messages","Error handling in the SDK and examples provides clear error codes, messages, and remediation guidance.",{"category":102,"check":147,"severity":24,"summary":148},"Pinned dependencies","Dependencies are managed via `package.json` and the bootstrap script ensures correct Node.js version, implying pinned versions through lockfiles.",{"category":33,"check":150,"severity":114,"summary":151},"Dry-run preview","This skill is a middleware for token validation and does not involve state-changing operations that would require a dry-run preview.",{"category":153,"check":154,"severity":24,"summary":155},"Protocol","Idempotent retry & timeouts","The core operation is stateless middleware, and network calls to JWKS are implicitly handled by the SDK with standard timeouts.",{"category":117,"check":157,"severity":24,"summary":158},"Telemetry opt-in","No telemetry is emitted by this extension; it focuses solely on authentication middleware.",{"category":40,"check":160,"severity":24,"summary":161},"Precise Purpose","The skill's purpose is precisely defined: integrate Auth0 token validation for Express/Node.js APIs using a specific SDK, with clear boundaries and use cases.",{"category":40,"check":163,"severity":24,"summary":164},"Concise Frontmatter","The frontmatter is dense and effectively summarizes the core capability (Auth0 token validation for Node.js APIs) within the character limit.",{"category":44,"check":166,"severity":24,"summary":167},"Concise Body","The SKILL.md body is well-structured, reasonably concise, and delegates deeper material to reference files.",{"category":169,"check":170,"severity":24,"summary":171},"Context","Progressive Disclosure","Detailed setup and API information are appropriately delegated to separate markdown files (`references/setup.md`, `references/api.md`, etc.).",{"category":169,"check":173,"severity":114,"summary":174},"Forked exploration","This skill performs a direct validation task and does not involve deep exploration or code review that would necessitate `context: fork`.",{"category":22,"check":176,"severity":24,"summary":177},"Usage examples","Comprehensive examples are provided for integration, RBAC, and testing, covering various scenarios with clear inputs and expected outcomes.",{"category":22,"check":179,"severity":24,"summary":180},"Edge cases","The documentation addresses common issues, error modes, and specific configurations like CORS and DPoP, providing recovery steps.",{"category":109,"check":182,"severity":114,"summary":183},"Tool Fallback","This skill does not rely on external tools like an MCP server; it is self-contained within the Node.js environment.",{"category":185,"check":186,"severity":24,"summary":187},"Safety","Halt on unexpected state","The bootstrap script has validation checks for Node.js version and Auth0 CLI login, and provides clear error messages if prerequisites are not met.",{"category":90,"check":189,"severity":24,"summary":190},"Cross-skill coupling","The skill is self-contained and does not implicitly rely on other skills; it provides clear documentation for integration within an Express/Node.js project.",1778683411010,"This skill integrates the `express-oauth2-jwt-bearer` SDK to protect Node.js API endpoints with Auth0 JWT Bearer authentication, supporting scope-based RBAC, claim validation, and optional DPoP.",[194,195,196,197,198],"JWT Bearer token validation per RFC 6750","Scope-based RBAC and claim validation","Optional DPoP support for token binding","Automatic setup script for Auth0 API configuration","Clear guidance on CORS, error handling, and testing",[200,201,202,203],"Building full-stack web applications with UI/session management","Handling authentication for client-side SPAs or mobile apps directly","Managing user login flows or UI components","Providing alternative authentication providers",[205,206,207,208],"JWT Authentication","API Security","Authorization","RBAC",[210,211,212,213,214],"Node.js 18+ (20+ recommended)","Express 4.x or 5.x","npm or yarn","An Auth0 account with a configured API (Resource Server)","Auth0 CLI (for automatic setup)","3.0.0","4.4.0","Integrate Auth0 JWT bearer token validation into Express or Node.js APIs to secure endpoints and enforce authorization rules.","All checks passed with a combination of 'pass' and 'not_applicable' severities, indicating high quality and no significant issues.",100,"Excellent skill for integrating Auth0 JWT validation into Node.js APIs, with comprehensive documentation and a robust setup process.",[222,223,224,225,226,227,228],"auth0","jwt","authentication","express","nodejs","security","api","global","verified",[232,233,234,235],"Securing Node.js API endpoints with Auth0 JWTs","Implementing role-based access control using JWT claims","Protecting APIs called by SPAs, mobile apps, or M2M clients","Validating Auth0-issued access tokens against an API audience",[237,238,239,240,241,242,243],"Fetch latest SDK release version","Install the SDK","Configure Auth0 API and environment variables (automatic or manual)","Set up middleware in the Node.js application","Protect API endpoints with the middleware","Add RBAC or claim validation rules","Verify the integration by testing protected endpoints",{"codeQuality":245,"collectedAt":247,"documentation":248,"maintenance":251,"security":258,"testCoverage":260},{"hasLockfile":246},false,1778683391255,{"descriptionLength":249,"readmeSize":250},235,7769,{"closedIssues90d":252,"forks":253,"hasChangelog":246,"manifestVersion":254,"openIssues90d":255,"pushedAt":256,"stars":257},3,10,"1.0.0",1,1778675325000,20,{"hasNpmPackage":246,"license":259,"smitheryVerified":246},"Apache-2.0",{"hasCi":261,"hasTests":261},true,{"updatedAt":263},1778683411304,{"basePath":265,"githubOwner":222,"githubRepo":266,"locale":18,"slug":267,"type":268},"plugins/auth0/skills/express-oauth2-jwt-bearer","agent-skills","express-oauth2-jwt-bearer","skill",{"_creationTime":270,"_id":271,"community":272,"display":273,"identity":277,"parentExtension":280,"providers":281,"relations":298,"tags":300,"workflow":301},1778682677410.0303,"k17b52m0t4j5ryyvea95kdqqr186nk9e",{"reviewCount":8},{"description":274,"installMethods":275,"name":276,"sourceUrl":14},"Auth0 skills for quickstarts, migration, MFA, Advanced Custom Universal Login (ACUL) screen generation, and framework-specific SDK integrations for React, Next.js, Vue, Nuxt, Angular, Express, Fastify, FastAPI, Go, Java MVC, Spring Boot, Swift, Android, ASP.NET Core, React Native, Expo, Ionic React (Capacitor), Ionic Angular (Capacitor), and Ionic Vue (Capacitor).",{"claudeCode":222},"Auth0",{"basePath":278,"githubOwner":222,"githubRepo":266,"locale":18,"slug":222,"type":279},"plugins/auth0","plugin",null,{"evaluate":282,"extract":293},{"promptVersionExtension":215,"promptVersionScoring":216,"score":283,"tags":284,"targetMarket":229,"tier":292},78,[224,222,227,223,285,286,287,288,289,290,291],"oauth","spa","web","mobile","backend","frontend","migration","community",{"commitSha":294,"license":259,"plugin":295},"HEAD",{"mcpCount":8,"provider":296,"skillCount":297},"classify",28,{"repoId":299},"kd7d2wx4927yddhxgfpzw6t10x86m349",[222,224,289,290,223,291,288,285,227,286,287],{"evaluatedAt":302,"extractAt":303,"updatedAt":302},1778682712627,1778682677410,{"evaluate":305,"extract":307},{"promptVersionExtension":215,"promptVersionScoring":216,"score":219,"tags":306,"targetMarket":229,"tier":230},[222,223,224,225,226,227,228],{"commitSha":294,"license":259},{"parentExtensionId":271,"repoId":299},{"_creationTime":310,"_id":299,"identity":311,"providers":312,"workflow":800},1778682673018.1855,{"githubOwner":222,"githubRepo":266,"sourceUrl":14},{"classify":313,"discover":794,"github":797},{"commitSha":294,"extensions":314},[315,332,398,436,450,461,472,482,513,524,535,543,551,562,573,584,595,606,621,633,644,657,670,681,693,715,726,754,765,783],{"basePath":316,"description":317,"displayName":318,"installMethods":319,"rationale":320,"selectedPaths":321,"source":330,"sourceLanguage":18,"type":331},"","Agent skills for integrating Auth0 authentication into any application, framework, or platform.","auth0-agent-skills",{"claudeCode":12},"marketplace.json at .claude-plugin/marketplace.json",[322,325,327],{"path":323,"priority":324},".claude-plugin/marketplace.json","mandatory",{"path":326,"priority":324},"README.md",{"path":328,"priority":329},"LICENSE","high","rule","marketplace",{"basePath":278,"description":274,"displayName":222,"installMethods":333,"rationale":334,"selectedPaths":335,"source":330,"sourceLanguage":18,"type":279},{"claudeCode":222},"plugin manifest at plugins/auth0/.claude-plugin/plugin.json",[336,338,339,342,344,346,348,350,352,354,356,358,360,362,364,366,368,370,372,374,376,378,380,382,384,386,388,390,392,394,396],{"path":337,"priority":324},".claude-plugin/plugin.json",{"path":326,"priority":324},{"path":340,"priority":341},"skills/acul-screen-generator/SKILL.md","medium",{"path":343,"priority":341},"skills/auth0-android/SKILL.md",{"path":345,"priority":341},"skills/auth0-angular/SKILL.md",{"path":347,"priority":341},"skills/auth0-aspnetcore-api/SKILL.md",{"path":349,"priority":341},"skills/auth0-cli/SKILL.md",{"path":351,"priority":341},"skills/auth0-expo/SKILL.md",{"path":353,"priority":341},"skills/auth0-express/SKILL.md",{"path":355,"priority":341},"skills/auth0-fastapi-api/SKILL.md",{"path":357,"priority":341},"skills/auth0-fastify/SKILL.md",{"path":359,"priority":341},"skills/auth0-fastify-api/SKILL.md",{"path":361,"priority":341},"skills/auth0-flask/SKILL.md",{"path":363,"priority":341},"skills/auth0-ionic-angular/SKILL.md",{"path":365,"priority":341},"skills/auth0-ionic-react/SKILL.md",{"path":367,"priority":341},"skills/auth0-ionic-vue/SKILL.md",{"path":369,"priority":341},"skills/auth0-java-mvc-common/SKILL.md",{"path":371,"priority":341},"skills/auth0-mfa/SKILL.md",{"path":373,"priority":341},"skills/auth0-migration/SKILL.md",{"path":375,"priority":341},"skills/auth0-nextjs/SKILL.md",{"path":377,"priority":341},"skills/auth0-nuxt/SKILL.md",{"path":379,"priority":341},"skills/auth0-quickstart/SKILL.md",{"path":381,"priority":341},"skills/auth0-react/SKILL.md",{"path":383,"priority":341},"skills/auth0-react-native/SKILL.md",{"path":385,"priority":341},"skills/auth0-spa-js/SKILL.md",{"path":387,"priority":341},"skills/auth0-springboot-api/SKILL.md",{"path":389,"priority":341},"skills/auth0-swift/SKILL.md",{"path":391,"priority":341},"skills/auth0-vue/SKILL.md",{"path":393,"priority":341},"skills/express-oauth2-jwt-bearer/SKILL.md",{"path":395,"priority":341},"skills/go-jwt-middleware/SKILL.md",{"path":397,"priority":329},".cursor-plugin/plugin.json",{"basePath":399,"description":400,"displayName":401,"installMethods":402,"rationale":403,"selectedPaths":404,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/acul-screen-generator","Generates complete, branded Auth0 Advanced Custom Universal Login (ACUL) screen implementations using the React or Vanilla JS SDK. Use when a developer asks to create, add, or modify ACUL login screens with custom branding, social login, theming, or specific authentication flows. Triggers on requests like \"generate a custom login screen\", \"add a signup screen to my ACUL project\", \"customize my Auth0 Universal Login with our brand colors\", \"apply our theme to all ACUL screens\", or any task involving Auth0 Universal Login customization with @auth0/auth0-acul-react or @auth0/auth0-acul-js.","acul-screen-generator",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/acul-screen-generator/SKILL.md",[405,407,410,412,414,416,418,420,422,424,426,428,430,432,434],{"path":406,"priority":324},"SKILL.md",{"path":408,"priority":409},"assets/js-templates/login-id.js","low",{"path":411,"priority":409},"assets/js-templates/login-password.js",{"path":413,"priority":409},"assets/react-templates/login-id.tsx",{"path":415,"priority":409},"assets/react-templates/login-password.tsx",{"path":417,"priority":409},"assets/theme-templates/globals.css",{"path":419,"priority":409},"assets/theme-templates/tailwind.config.ts",{"path":421,"priority":409},"assets/theme-templates/theme-provider.ts",{"path":423,"priority":409},"assets/theme-templates/tokens.css",{"path":425,"priority":341},"references/acul-js-sdk.md",{"path":427,"priority":341},"references/acul-react-sdk.md",{"path":429,"priority":341},"references/cli-commands.md",{"path":431,"priority":341},"references/screen-catalog.md",{"path":433,"priority":341},"references/social-providers.md",{"path":435,"priority":341},"references/theming-patterns.md",{"basePath":437,"description":438,"displayName":439,"installMethods":440,"rationale":441,"selectedPaths":442,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-android","Use when adding authentication to Android applications (Kotlin/Java) with Web Auth, biometric-protected credentials, and MFA - integrates com.auth0.android:auth0 SDK for native Android apps","auth0-android",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-android/SKILL.md",[443,444,446,448],{"path":406,"priority":324},{"path":445,"priority":341},"references/api.md",{"path":447,"priority":341},"references/integration.md",{"path":449,"priority":341},"references/setup.md",{"basePath":451,"description":452,"displayName":453,"installMethods":454,"rationale":455,"selectedPaths":456,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-angular","Use when adding authentication to Angular applications with route guards and HTTP interceptors - integrates @auth0/auth0-angular SDK for SPAs","auth0-angular",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-angular/SKILL.md",[457,458,459,460],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":462,"description":463,"displayName":464,"installMethods":465,"rationale":466,"selectedPaths":467,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-aspnetcore-api","Use when securing ASP.NET Core Web API endpoints with JWT Bearer token validation, scope/permission checks, or stateless auth - integrates Auth0.AspNetCore.Authentication.Api for REST APIs receiving access tokens from frontends or mobile apps. Also handles DPoP proof-of-possession token binding. Triggers on: AddAuth0ApiAuthentication, .NET Web API auth, JWT validation, UseAuthentication, UseAuthorization.","auth0-aspnetcore-api",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-aspnetcore-api/SKILL.md",[468,469,470,471],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":473,"description":474,"displayName":475,"installMethods":476,"rationale":477,"selectedPaths":478,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-cli","Reference for Auth0 CLI commands — apps, apis, users, roles, organizations, actions, logs, custom domains, universal-login, terraform, raw API mode, and --json output. Use this skill whenever you need to run Auth0 CLI commands to create or manage applications, APIs, users, roles, organizations, actions, log streams, custom domains, or Universal Login configuration, or when you need to call the Auth0 Management API directly. Trigger on prompts like \"create an Auth0 app\", \"list my Auth0 users\", \"assign a role\", \"set up an organization\", \"deploy an action\", \"configure a custom domain\", \"generate Terraform for Auth0\", \"stream Auth0 logs\", \"call the Management API\", or any task involving the auth0 CLI tool.","auth0-cli",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-cli/SKILL.md",[479,480],{"path":406,"priority":324},{"path":481,"priority":341},"references/cli.md",{"basePath":483,"description":484,"displayName":485,"installMethods":486,"rationale":487,"selectedPaths":488,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-expo","Use when adding authentication to Expo (React Native) mobile apps — login, logout, user sessions, protected routes, biometrics, or token management. Integrates react-native-auth0 SDK with Expo Config Plugin for native iOS/Android builds. Trigger for any Expo project needing Auth0, including app.json plugin config, custom scheme setup, or credential management. Do NOT use for bare React Native CLI projects (use auth0-react-native), React web apps (use auth0-react), Next.js (use auth0-nextjs), or backend APIs.","auth0-expo",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-expo/SKILL.md",[489,490,491,492,493,495,497,499,501,503,505,507,509,511],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"path":494,"priority":409},"scripts/bootstrap.mjs",{"path":496,"priority":409},"scripts/package.json",{"path":498,"priority":409},"scripts/utils/app-json-writer.mjs",{"path":500,"priority":409},"scripts/utils/auth0-api.mjs",{"path":502,"priority":409},"scripts/utils/change-plan.mjs",{"path":504,"priority":409},"scripts/utils/clients.mjs",{"path":506,"priority":409},"scripts/utils/connections.mjs",{"path":508,"priority":409},"scripts/utils/discovery.mjs",{"path":510,"priority":409},"scripts/utils/helpers.mjs",{"path":512,"priority":409},"scripts/utils/validation.mjs",{"basePath":514,"description":515,"displayName":516,"installMethods":517,"rationale":518,"selectedPaths":519,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-express","Use when adding authentication (login, logout, protected routes) to Express.js web applications - integrates express-openid-connect for session-based auth.","auth0-express",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-express/SKILL.md",[520,521,522,523],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":525,"description":526,"displayName":527,"installMethods":528,"rationale":529,"selectedPaths":530,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-fastapi-api","Use when securing FastAPI API endpoints with JWT Bearer token validation, scope/permission checks, or stateless auth - integrates auth0-fastapi-api for REST APIs receiving access tokens from SPAs, mobile apps, or other clients. Also handles DPoP proof-of-possession token binding. Triggers on: Auth0FastAPI, FastAPI API auth, JWT validation, require_auth, DPoP.","auth0-fastapi-api",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-fastapi-api/SKILL.md",[531,532,533,534],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":536,"description":537,"displayName":538,"installMethods":539,"rationale":540,"selectedPaths":541,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-fastify","Use when adding authentication (login, logout, protected routes) to Fastify web applications - integrates @auth0/auth0-fastify for session-based auth. For stateless Fastify APIs use auth0-fastify-api instead.","auth0-fastify",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-fastify/SKILL.md",[542],{"path":406,"priority":324},{"basePath":544,"description":545,"displayName":546,"installMethods":547,"rationale":548,"selectedPaths":549,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-fastify-api","Use when securing Fastify API endpoints with JWT Bearer token validation, scope/permission checks, or stateless auth - integrates @auth0/auth0-fastify-api for REST APIs receiving access tokens from frontends or mobile apps.","auth0-fastify-api",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-fastify-api/SKILL.md",[550],{"path":406,"priority":324},{"basePath":552,"description":553,"displayName":554,"installMethods":555,"rationale":556,"selectedPaths":557,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-flask","Use when adding login, logout, and user profile to a Flask web application using session-based authentication - integrates auth0-server-python for server-rendered apps with login/callback/profile/logout flows.","auth0-flask",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-flask/SKILL.md",[558,559,560,561],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":563,"description":564,"displayName":565,"installMethods":566,"rationale":567,"selectedPaths":568,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-ionic-angular","Use when adding Auth0 authentication to an Ionic Angular application with Capacitor — integrates @auth0/auth0-angular SDK with Capacitor Browser and App plugins for native iOS/Android deep linking, login, logout, and user profile display.","auth0-ionic-angular",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-ionic-angular/SKILL.md",[569,570,571,572],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":574,"description":575,"displayName":576,"installMethods":577,"rationale":578,"selectedPaths":579,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-ionic-react","Use when adding Auth0 authentication to an Ionic React application with Capacitor — integrates @auth0/auth0-react SDK with Capacitor Browser and App plugins for native iOS/Android deep linking, login, logout, and user profile display.","auth0-ionic-react",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-ionic-react/SKILL.md",[580,581,582,583],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":585,"description":586,"displayName":587,"installMethods":588,"rationale":589,"selectedPaths":590,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-ionic-vue","Use when adding Auth0 authentication to an Ionic Vue application with Capacitor — integrates @auth0/auth0-vue SDK with Capacitor Browser and App plugins for native iOS/Android deep linking, login, logout, and user profile display.","auth0-ionic-vue",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-ionic-vue/SKILL.md",[591,592,593,594],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":596,"description":597,"displayName":598,"installMethods":599,"rationale":600,"selectedPaths":601,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-java-mvc-common","Use when adding Auth0 login, logout, and callback handling to Java Servlet web applications - integrates com.auth0:mvc-auth-commons SDK for server-side Java apps using javax.servlet with session-based authentication. Triggers on AuthenticationController, AuthorizeUrl, Tokens, IdentityVerificationException, Java MVC auth.","auth0-java-mvc-common",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-java-mvc-common/SKILL.md",[602,603,604,605],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":607,"description":608,"displayName":609,"installMethods":610,"rationale":611,"selectedPaths":612,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-mfa","Use when adding MFA, 2FA, TOTP, SMS codes, push notifications, passkeys, or when requiring step-up verification for sensitive operations or meeting compliance requirements (HIPAA, PCI-DSS) - covers adaptive and risk-based authentication with Auth0.","auth0-mfa",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-mfa/SKILL.md",[613,614,616,617,619],{"path":406,"priority":324},{"path":615,"priority":341},"references/advanced.md",{"path":445,"priority":341},{"path":618,"priority":341},"references/backend.md",{"path":620,"priority":341},"references/examples.md",{"basePath":622,"description":623,"displayName":624,"installMethods":625,"rationale":626,"selectedPaths":627,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-migration","Use when migrating or switching from an existing auth provider (Firebase, Cognito, Supabase, Clerk, custom auth) to Auth0 - covers bulk user import, gradual migration strategies, code migration patterns, and JWT validation updates.","auth0-migration",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-migration/SKILL.md",[628,629,631],{"path":406,"priority":324},{"path":630,"priority":341},"references/code-patterns.md",{"path":632,"priority":341},"references/user-import.md",{"basePath":634,"description":635,"displayName":636,"installMethods":637,"rationale":638,"selectedPaths":639,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-nextjs","Use when adding authentication to Next.js applications (login, logout, protected pages, middleware, server components) - supports App Router and Pages Router with @auth0/nextjs-auth0 SDK.","auth0-nextjs",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-nextjs/SKILL.md",[640,641,642,643],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":645,"description":646,"displayName":647,"installMethods":648,"rationale":649,"selectedPaths":650,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-nuxt","Use when implementing Auth0 authentication in Nuxt 3/4 applications, configuring session management, protecting routes with middleware, or integrating API access tokens - provides setup patterns, composable usage, and security best practices for the @auth0/auth0-nuxt SDK","auth0-nuxt",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-nuxt/SKILL.md",[651,652,653,655],{"path":406,"priority":324},{"path":620,"priority":341},{"path":654,"priority":341},"references/route-protection.md",{"path":656,"priority":341},"references/session-stores.md",{"basePath":658,"description":659,"displayName":660,"installMethods":661,"rationale":662,"selectedPaths":663,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-quickstart","Use when adding authentication or login to any app - detects your stack (React, Next.js, Vue, Nuxt, Angular, Express, Fastify, FastAPI, ASP.NET Core, React Native, Expo, Android, Swift), sets up an Auth0 account if needed, and routes to the correct SDK setup workflow.","auth0-quickstart",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-quickstart/SKILL.md",[664,665,666,668],{"path":406,"priority":324},{"path":481,"priority":341},{"path":667,"priority":341},"references/concepts.md",{"path":669,"priority":341},"references/environments.md",{"basePath":671,"description":672,"displayName":673,"installMethods":674,"rationale":675,"selectedPaths":676,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-react","Use when adding authentication to React applications (login, logout, user sessions, protected routes) - integrates @auth0/auth0-react SDK for SPAs with Vite or Create React App","auth0-react",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-react/SKILL.md",[677,678,679,680],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":682,"description":683,"displayName":684,"installMethods":685,"rationale":686,"selectedPaths":687,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-react-native","Use when adding authentication to React Native or Expo mobile apps (iOS/Android) with biometric support - integrates react-native-auth0 SDK with native deep linking","auth0-react-native",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-react-native/SKILL.md",[688,689,690,692],{"path":406,"priority":324},{"path":445,"priority":341},{"path":691,"priority":341},"references/patterns.md",{"path":449,"priority":341},{"basePath":694,"description":695,"displayName":696,"installMethods":697,"rationale":698,"selectedPaths":699,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-spa-js","Use when adding authentication to Vanilla JS, Svelte, or any framework-agnostic single-page applications - integrates @auth0/auth0-spa-js SDK for SPAs without framework-specific wrappers","auth0-spa-js",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-spa-js/SKILL.md",[700,701,702,703,704,705,706,707,708,709,710,711,713,714],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"path":494,"priority":409},{"path":496,"priority":409},{"path":500,"priority":409},{"path":502,"priority":409},{"path":504,"priority":409},{"path":506,"priority":409},{"path":508,"priority":409},{"path":712,"priority":409},"scripts/utils/env-writer.mjs",{"path":510,"priority":409},{"path":512,"priority":409},{"basePath":716,"description":717,"displayName":718,"installMethods":719,"rationale":720,"selectedPaths":721,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-springboot-api","Use when securing Spring Boot API endpoints with JWT Bearer token validation, scope-based authorization, or DPoP proof-of-possession - integrates com.auth0:auth0-springboot-api SDK for REST APIs receiving access tokens from frontends or mobile apps. Triggers on Auth0AuthenticationFilter, Spring Boot API auth, JWT validation, SecurityFilterChain, hasAuthority SCOPE.","auth0-springboot-api",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-springboot-api/SKILL.md",[722,723,724,725],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":727,"description":728,"displayName":729,"installMethods":730,"rationale":731,"selectedPaths":732,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-swift","Use when adding Auth0 authentication to an iOS, macOS, tvOS, watchOS, or visionOS application — integrates the Auth0.swift SDK for native Apple platform authentication using Web Auth, CredentialsManager, and biometric protection.","auth0-swift",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-swift/SKILL.md",[733,734,735,736,737,738,739,740,741,742,743,744,746,747,749,750,752],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"path":494,"priority":409},{"path":496,"priority":409},{"path":500,"priority":409},{"path":502,"priority":409},{"path":504,"priority":409},{"path":506,"priority":409},{"path":508,"priority":409},{"path":745,"priority":409},"scripts/utils/entitlements.mjs",{"path":510,"priority":409},{"path":748,"priority":409},"scripts/utils/plist-writer.mjs",{"path":512,"priority":409},{"path":751,"priority":409},"scripts/utils/xcode-modify.rb",{"path":753,"priority":409},"scripts/utils/xcode-project.mjs",{"basePath":755,"description":756,"displayName":757,"installMethods":758,"rationale":759,"selectedPaths":760,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/auth0-vue","Use when adding authentication to Vue.js 3 applications (login, logout, user sessions, protected routes) - integrates @auth0/auth0-vue SDK for SPAs with Vite or Vue CLI","auth0-vue",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/auth0-vue/SKILL.md",[761,762,763,764],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"basePath":265,"description":10,"displayName":267,"installMethods":766,"rationale":767,"selectedPaths":768,"source":330,"sourceLanguage":18,"type":268},{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/express-oauth2-jwt-bearer/SKILL.md",[769,770,771,772,773,774,775,777,778,779,780,781,782],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"path":494,"priority":409},{"path":496,"priority":409},{"path":776,"priority":409},"scripts/utils/apis.mjs",{"path":500,"priority":409},{"path":502,"priority":409},{"path":508,"priority":409},{"path":712,"priority":409},{"path":510,"priority":409},{"path":512,"priority":409},{"basePath":784,"description":785,"displayName":786,"installMethods":787,"rationale":788,"selectedPaths":789,"source":330,"sourceLanguage":18,"type":268},"plugins/auth0/skills/go-jwt-middleware","Use when securing Go HTTP API endpoints with JWT Bearer token validation, scope/permission checks, or stateless auth. Integrates github.com/auth0/go-jwt-middleware/v3 for REST APIs receiving access tokens from frontends or mobile apps. Also handles DPoP proof-of-possession token binding. Triggers on jwtmiddleware, go-jwt-middleware, Go API auth, JWT validation, CheckJWT.","go-jwt-middleware",{"claudeCode":12},"SKILL.md frontmatter at plugins/auth0/skills/go-jwt-middleware/SKILL.md",[790,791,792,793],{"path":406,"priority":324},{"path":445,"priority":341},{"path":447,"priority":341},{"path":449,"priority":341},{"sources":795},[796],"manual",{"closedIssues90d":252,"description":798,"forks":253,"license":259,"openIssues90d":255,"pushedAt":256,"readmeSize":250,"stars":257,"topics":799},"Auth0 Agent Skills",[],{"classifiedAt":801,"discoverAt":802,"extractAt":803,"githubAt":803,"updatedAt":801},1778682677094,1778682673018,1778682675635,[228,222,224,225,223,226,227],{"evaluatedAt":263,"extractAt":303,"updatedAt":263},[],[808,825,855,873,891,910],{"_creationTime":809,"_id":810,"community":811,"display":812,"identity":814,"providers":815,"relations":821,"tags":822,"workflow":823},1778682677410.035,"k17a8h3wj2pvee6cykczjfvb7d86n9we",{"reviewCount":8},{"description":646,"installMethods":813,"name":647,"sourceUrl":14},{"claudeCode":12},{"basePath":645,"githubOwner":222,"githubRepo":266,"locale":18,"slug":647,"type":268},{"evaluate":816,"extract":820},{"promptVersionExtension":215,"promptVersionScoring":216,"score":219,"tags":817,"targetMarket":229,"tier":230},[222,818,224,287,819,227],"nuxt","typescript",{"commitSha":294},{"parentExtensionId":271,"repoId":299},[222,224,818,227,819,287],{"evaluatedAt":824,"extractAt":303,"updatedAt":824},1778683222653,{"_creationTime":826,"_id":827,"community":828,"display":829,"identity":835,"providers":840,"relations":846,"tags":850,"workflow":851},1778694990469.487,"k176n6442s9c9fdjac88vvqh0s86n5m0",{"reviewCount":8},{"description":830,"installMethods":831,"name":833,"sourceUrl":834},"Verwenden Sie dies, wenn die Aufgabe Authentifizierung, Benutzerregistrierungen, Anmeldungen, Passwortwiederherstellung, OAuth-Anbieter, rollenbasierte Zugriffskontrolle oder den Schutz von Routen und Funktionen beinhaltet. Verwenden Sie immer `@netlify/identity`. Verwenden Sie niemals `netlify-identity-widget` oder `gotrue-js` – diese sind veraltet.",{"claudeCode":832},"netlify/context-and-tools","netlify-identity","https://github.com/netlify/context-and-tools",{"basePath":836,"githubOwner":837,"githubRepo":838,"locale":839,"slug":833,"type":268},"skills/netlify-identity","netlify","context-and-tools","de",{"evaluate":841,"extract":845},{"promptVersionExtension":215,"promptVersionScoring":216,"score":219,"tags":842,"targetMarket":229,"tier":230},[224,837,843,844,819,228],"identity","javascript",{"commitSha":294},{"parentExtensionId":847,"repoId":848,"translatedFrom":849},"k1714spp30a0rvg5y3yjga772n86nmps","kd7b1ncy2zzzfws29grdt8heb986ntzq","k17f1596a2t00btq1hfksssg0s86n6ej",[228,224,843,844,837,819],{"evaluatedAt":852,"extractAt":853,"updatedAt":854},1778694839805,1778694599571,1778694990469,{"_creationTime":856,"_id":857,"community":858,"display":859,"identity":862,"providers":863,"relations":869,"tags":870,"workflow":871},1778682677410.036,"k175ceb6bs7yjnm2q2x7m611n986nmja",{"reviewCount":8},{"description":695,"installMethods":860,"name":861,"sourceUrl":14},{"claudeCode":12},"Auth0 SPA JS Integration",{"basePath":694,"githubOwner":222,"githubRepo":266,"locale":18,"slug":696,"type":268},{"evaluate":864,"extract":868},{"promptVersionExtension":215,"promptVersionScoring":216,"score":219,"tags":865,"targetMarket":229,"tier":230},[224,222,286,844,866,867],"svelte","configuration",{"commitSha":294,"license":259},{"parentExtensionId":271,"repoId":299},[222,224,867,844,286,866],{"evaluatedAt":872,"extractAt":303,"updatedAt":872},1778683297591,{"_creationTime":874,"_id":875,"community":876,"display":877,"identity":880,"providers":881,"relations":887,"tags":888,"workflow":889},1778682677410.0347,"k17cts1j65mahq0p4y7cagrsnd86ndxf",{"reviewCount":8},{"description":635,"installMethods":878,"name":879,"sourceUrl":14},{"claudeCode":12},"Auth0 Next.js",{"basePath":634,"githubOwner":222,"githubRepo":266,"locale":18,"slug":636,"type":268},{"evaluate":882,"extract":886},{"promptVersionExtension":215,"promptVersionScoring":216,"score":219,"tags":883,"targetMarket":229,"tier":230},[884,222,224,819,885],"nextjs","web-development",{"commitSha":294,"license":259},{"parentExtensionId":271,"repoId":299},[222,224,884,819,885],{"evaluatedAt":890,"extractAt":303,"updatedAt":890},1778683195282,{"_creationTime":892,"_id":893,"community":894,"display":895,"identity":897,"providers":898,"relations":906,"tags":907,"workflow":908},1778682677410.034,"k174gmqbt8gyvhspqhe1hq0ems86ngmb",{"reviewCount":8},{"description":597,"installMethods":896,"name":598,"sourceUrl":14},{"claudeCode":12},{"basePath":596,"githubOwner":222,"githubRepo":266,"locale":18,"slug":598,"type":268},{"evaluate":899,"extract":905},{"promptVersionExtension":215,"promptVersionScoring":216,"score":219,"tags":900,"targetMarket":229,"tier":230},[222,901,902,224,903,904],"java","servlet","oauth2","oidc",{"commitSha":294},{"parentExtensionId":271,"repoId":299},[222,224,901,903,904,902],{"evaluatedAt":909,"extractAt":303,"updatedAt":909},1778683121234,{"_creationTime":911,"_id":912,"community":913,"display":914,"identity":916,"providers":917,"relations":924,"tags":925,"workflow":926},1778682677410.033,"k178hshhjvwg46t7wgtj81gr2986n7ww",{"reviewCount":8},{"description":553,"installMethods":915,"name":554,"sourceUrl":14},{"claudeCode":12},{"basePath":552,"githubOwner":222,"githubRepo":266,"locale":18,"slug":554,"type":268},{"evaluate":918,"extract":923},{"promptVersionExtension":215,"promptVersionScoring":216,"score":219,"tags":919,"targetMarket":229,"tier":230},[920,222,224,885,921,922],"flask","python","session-management",{"commitSha":294},{"parentExtensionId":271,"repoId":299},[222,224,920,921,922,885],{"evaluatedAt":927,"extractAt":303,"updatedAt":927},1778683012001]