Search everything...

Stats

Actions

Available In

Help us improve

Share bugs, ideas, or general feedback.

duende-skills - Claude Code Plugin | ClaudePluginHub

Plugin

duende-skills

Name: duende-skills
Author: duendesoftware

By DuendeSoftware

Duende development skills and agents for Claude Code — covering OAuth/OIDC protocols, IdentityServer, token management, ASP.NET Core authentication/authorization, BFF patterns, and secure identity architecture

npx claudepluginhub duendesoftware/duende-skills --plugin duende-skills

Popularity

Stars

Top 25%

Med: 0·Avg: 274

Installs

Med: 0·Avg: 1

What's Inside

Agents2

identity-server-specialist

/identity-server-specialist

Expert in Duende IdentityServer configuration, deployment, and troubleshooting. Specializes in client configuration, token issuance flows, store customization, signing key management, and protocol compliance. Use for diagnosing authentication failures, token validation issues, and IdentityServer architecture decisions.

oauth-oidc-specialist

/oauth-oidc-specialist

Expert in OAuth 2.0 and OpenID Connect protocol specifications, security best practices, and compliance. Specializes in flow selection, token security, protocol-level debugging, and standards compliance. Use for protocol design decisions, security reviews, and debugging token/auth flows at the HTTP level.

Skills22

claims-authorization

/claims-authorization

Claims transformation and profile service patterns for Duende IdentityServer — IProfileService, IClaimsTransformation, claim type mapping, token claim filtering, extension grant validators, and dynamic claims loading.

duende-bff

/duende-bff

Duende BFF (Backend for Frontend) security framework for securing SPAs. Covers session management, API endpoint proxying, token management, anti-forgery protection, and integration with React/Angular/Blazor frontends.

identity-security-hardening

/identity-security-hardening

Security hardening for Duende IdentityServer deployments including signing key rotation, HTTPS enforcement, CORS configuration, CSP headers, rate limiting, token lifetime tuning, and security audit patterns.

identity-testing-patterns

/identity-testing-patterns

Testing patterns for IdentityServer-based systems including integration testing with WebApplicationFactory, mock token issuance, test authority configuration, protocol response validation, and end-to-end authentication flow testing.

identityserver-api-protection

/identityserver-api-protection

Protecting APIs with Duende IdentityServer: JWT bearer authentication, reference token introspection, scope-based authorization, DPoP/mTLS proof-of-possession validation, local API authentication, and multi-audience scenarios.

Stats

Version0.1.0

LanguageShell

Stars6

Forks2

MaintenanceExcellent

Last CommitApr 20, 2026

AddedMar 28, 2026

Actions

View on GitHub View README Plugin Marketplace JSON

Own this plugin?

Verify ownership to unlock analytics, metadata editing, and a verified badge.

Available In

claude-plugins-official29,090 duende-skills4 ccode-personal-plugins

Safety Signals

Caution

Uses power tools

Uses Bash, Write, or Edit tools

Help us improve

Share bugs, ideas, or general feedback.

README

Duende Agent Skills

A set of agent skills and specialized agents for Duende IdentityServer, Backend-for-Frontend (BFF), and identity/access management development. Covers OAuth 2.0, OpenID Connect, Duende, token management, ASP.NET Core authentication and authorization, and related skills needed to build production-grade identity infrastructure.

Your Feedback 🗣️

We would love to hear your feedback about these skills! What's working? What's not? What's missing?

For questions, feedback, or community discussions, visit the Duende Community.

Installation

You can use several AI coding assistants that support skills/agents.

Claude Code (CLI)

Official Docs

Run these commands inside the Claude Code CLI:

/plugin marketplace add DuendeSoftware/duende-skills
/plugin install duende-skills

To update:

/plugin marketplace update

Recommended: Also install dotnet-skills for general .NET development coverage:
/plugin marketplace add Aaronontheweb/dotnet-skills
/plugin install dotnet-skills

GitHub Copilot

Official Docs

Clone or copy skills to your project or global config:

Project-level (recommended):

git clone https://github.com/DuendeSoftware/duende-skills.git /tmp/duende-skills
cp -r /tmp/duende-skills/skills/* .github/skills/

Global (all projects):

mkdir -p ~/.copilot/skills
cp -r /tmp/duende-skills/skills/* ~/.copilot/skills/

Recommended: Also install dotnet-skills for general .NET development coverage.

OpenCode

Official Docs

git clone https://github.com/DuendeSoftware/duende-skills.git /tmp/duende-skills

# Global installation (directory names must match frontmatter 'name' field)
mkdir -p ~/.config/opencode/skills ~/.config/opencode/agents
for skill_file in /tmp/duende-skills/skills/*/SKILL.md; do
  skill_dir=$(dirname "$skill_file")
  skill_name=$(grep -m1 "^name:" "$skill_file" | sed 's/name: *//')
  mkdir -p ~/.config/opencode/skills/$skill_name
  cp "$skill_file" ~/.config/opencode/skills/$skill_name/SKILL.md
  # Copy bundled resources (docs/, references/, etc.) if present
  find "$skill_dir" -mindepth 1 -maxdepth 1 -type d -exec cp -r {} ~/.config/opencode/skills/$skill_name/ \;
done
cp /tmp/duende-skills/agents/*.md ~/.config/opencode/agents/

Recommended: Also install dotnet-skills for general .NET development coverage.

Skills Library

Identity & OAuth

Skill	Description
`aspnetcore-authentication`	ASP.NET Core authentication middleware — OIDC, JWT Bearer, cookies, schemes, external providers
`aspnetcore-authorization`	ASP.NET Core authorization — policies, IAuthorizationHandler, scope-based API authz, minimal APIs
`claims-authorization`	Claims-based authorization — policies, requirement handlers, resource-based authz, claims transformation
`duende-bff`	Backend-for-Frontend security framework for SPAs — session management, API proxying, token management
`identity-security-hardening`	Security hardening — key rotation, HTTPS, CORS, CSP, rate limiting, token lifetime tuning

View full README on GitHub

Help us improve

Find plugins for your project

Help us improve

duende-skills

Popularity

What's Inside

Help us improve

Health & Quality

Confidence

README

Duende Agent Skills

Your Feedback 🗣️

Installation

Claude Code (CLI)

GitHub Copilot

OpenCode

Skills Library

Identity & OAuth

Similar Plugins

duende-ecosystem

api-authentication-builder

oauth-implementation

keycloak-authservices

workos

auth

Duende Agent Skills

Your Feedback 🗣️

Installation

Claude Code (CLI)

GitHub Copilot

OpenCode

Skills Library

Identity & OAuth