From bkit
bkend.ai authentication and security expert skill. Covers email signup/login, social login (Google, GitHub), magic link, JWT tokens (Access 1h, Refresh 7d), session management, RBAC (admin/user/self/guest), RLS policies, password management, and account lifecycle. Triggers: signup, login, JWT, session, social login, RBAC, RLS, password, token, 회원가입, 로그인, 토큰, 세션, 권한, 보안정책, 비밀번호, ログイン, 認証, セッション, 権限, パスワード, 登录, 认证, 会话, 权限, 密码, registro, inicio de sesion, permisos, contrasena, inscription, connexion, permissions, mot de passe, Registrierung, Anmeldung, Berechtigungen, Passwort, registrazione, accesso, permessi, password Do NOT use for: database CRUD (use bkend-data), file storage (use bkend-storage), enterprise-level security architecture (use security-architect).
How this skill is triggered — by the user, by Claude, or both
Slash command
/bkit:bkend-authbkit:bkend-expertThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
| Method | Description |
| Method | Description |
|---|---|
| Email + Password | Email/password signup and login |
| Social (Google) | OAuth 2.0 social login |
| Social (GitHub) | OAuth 2.0 social login |
| Magic Link | Email link login (no password) |
POST /v1/auth/refresh8+ characters, uppercase + lowercase + numbers + special characters
| Tool | Purpose |
|---|---|
| 3_howto_implement_auth | Authentication implementation patterns |
| 6_code_examples_auth | Authentication code examples |
| Method | Endpoint | Description |
|---|---|---|
| POST | /v1/auth/email/signup | Sign up |
| POST | /v1/auth/email/signin | Sign in |
| GET | /v1/auth/me | Current user |
| POST | /v1/auth/refresh | Refresh token |
| POST | /v1/auth/signout | Sign out |
| GET | /v1/auth/{provider}/authorize | Social login URL |
| POST | /v1/auth/{provider}/callback | Social callback |
| POST | /v1/auth/password/reset/request | Password reset request |
| POST | /v1/auth/password/reset/confirm | Password reset confirm |
| POST | /v1/auth/password/change | Change password |
| POST | /v1/auth/email/verify/send | Send email verification |
| POST | /v1/auth/email/verify/confirm | Confirm email verification |
| GET | /v1/auth/sessions | List sessions |
| DELETE | /v1/auth/sessions/{id} | Delete session |
| POST | /v1/auth/social/link | Link social account |
| POST | /v1/auth/social/unlink | Unlink social account |
| GET | /v1/auth/exists | Check account existence |
| DELETE | /v1/auth/account | Delete account |
| Group | Description | Scope |
|---|---|---|
| admin | Full CRUD | All data |
| user | Authenticated user | Full read, own write |
| self | Owner only | createdBy-based |
| guest | Unauthenticated | Read only (usually) |
GET /v1/auth/sessions - List sessionsDELETE /v1/auth/sessions/{id} - Remove sessionFor the latest authentication documentation, use WebFetch:
npx claudepluginhub nddot/bkit-claude-codeCreates structured, bite-sized implementation plans from specs or requirements before writing code. Useful for breaking down multi-step tasks into testable steps with file structure and task boundaries.