Scalekit Authentication Skill
A comprehensive Claude skill for implementing Scalekit authentication across web applications, APIs, and MCP servers.
Overview
This skill provides complete guidance for three authentication implementation paths:
- Full-Stack Authentication - Complete auth system for web apps
- Modular SSO - Add Enterprise SSO (SAML/OIDC) to existing applications
- MCP Server Authentication - Secure Model Context Protocol servers with OAuth 2.1
Quick Navigation
Implementation Paths:
Getting Started:
Implementation Paths
Full-Stack Authentication
Complete authentication system for web applications.
Use when:
- Building a new application
- Replacing existing authentication
- Need social login + enterprise SSO
- Want Scalekit to manage everything
What's included:
- User sign-up, login, logout
- Session management with tokens
- Token refresh handling
- Social login (Google, GitHub, Microsoft)
- Enterprise SSO (SAML/OIDC)
Frameworks:
- ✅ Node.js + Express
- ✅ Next.js (App Router)
- ✅ Python + FastAPI
Get started: full-stack-auth/quickstart.md
Modular SSO
Add Enterprise SSO to your existing authentication system.
Use when:
- You already have authentication (passwords, sessions, etc.)
- Enterprise customers require SSO via SAML or OIDC
- You want to keep your existing user database
- No migration of users or auth logic needed
What's included:
- SAML/OIDC protocol handling
- Integration with Auth0, Firebase, AWS Cognito
- Keep your existing sessions and tokens
- Enterprise customer self-service portal
- Domain verification for automatic routing
Frameworks:
- ✅ Node.js + Express
- ✅ Next.js (App Router)
- 🚧 Python + FastAPI (Coming)
Get started: modular-sso/quickstart.md
MCP Server Authentication
Secure Model Context Protocol servers with OAuth 2.1.
Use when:
- Building an MCP server (for Claude Desktop, Cursor, VS Code)
- Need OAuth 2.1 compliance
- Want to control access with scopes
- Supporting multiple authentication methods
Two approaches:
1. OAuth 2.1 with Scalekit (Recommended)
- Scalekit manages all authentication
- OAuth server included
- Discovery endpoint automatic
- Multiple auth methods (email, social, SSO)
Get started: mcp-auth/oauth-quickstart.md
Framework Templates:
- ✅ Python + FastMCP (template)
- ✅ Node.js + Express
- ✅ Next.js (App Router)
- ✅ Python + FastAPI
- ✅ Go
2. Custom Auth Integration
- Use your existing authentication system
- Scalekit provides OAuth layer
- You control user verification
- Federated authentication flow
Get started: mcp-auth/custom-auth-integration.md
Installation
For Claude Code (Plugin) - Recommended
Install as a Claude Code plugin for the best experience:
git clone https://github.com/scalekit-inc/claude-auth-skill.git
cd claude-auth-skill
# Add as marketplace and install plugin
claude plugin marketplace add .
claude plugin install scalekit-auth@scalekit-marketplace
Features:
- Auto-activating skill when you mention Scalekit
/scalekit command for quick help/scalekit-init for interactive setup/scalekit-validate to test configuration
See PLUGIN.md for complete plugin documentation.
For Claude API (Workspace-Wide)
git clone https://github.com/scalekit-inc/claude-auth-skill.git
cd claude-auth-skill
python install_skill.py
Requirements:
- Python 3.7+
- Anthropic API key
pip install anthropic python-dotenv
For Claude Code (Local Skill)
git clone https://github.com/scalekit-inc/claude-auth-skill.git
cd claude-auth-skill
./install_local.sh
Choose installation location:
- Global:
~/.claude/skills/ (all projects)
- Project:
.claude/skills/ (current project only)
Testing the Skill
Quick Test (5 minutes)
# 1. Install the skill (see above)
# 2. Test with Claude
claude
> "Help me implement Scalekit authentication in Express"
# ✅ Success: Claude provides Scalekit-specific code
# ❌ Failure: Claude gives generic OAuth advice
Comprehensive Testing
See TESTING.md for full test suite with 20+ scenarios.
Directory Structure