Stats
Actions
Tags
Help us improve
Share bugs, ideas, or general feedback.
From bkit — AI Native Development OS
Implements email/social login, JWT tokens, RBAC, and session management for bkend.ai applications. Use this guide to integrate authentication in your bkend.ai project.
npx claudepluginhub popup-studio-ai/bkit-claude-code --plugin bkitHow this skill is triggered — by the user, by Claude, or both
Slash command
/bkit:bkend-authbkit:bkend-expertThis skill is limited to the following tools:
The summary Claude sees in its skill listing — used to decide when to auto-load this skill
| Method | Description |
Implements authentication and authorization patterns: JWT, OAuth2, session management, RBAC. Helps secure APIs and debug auth issues.
Scaffold signin and signup authentication endpoints for a project. Use when the user wants to add authentication, create login/register flows, or set up auth from scratch.
Provides decision trees, JWT references, and patterns for authentication/authorization including OAuth2, sessions, RBAC, ABAC, passkeys, MFA. Use for secure login, tokens, access control.
Share bugs, ideas, or general feedback.
| Method | Description |
|---|---|
| Email + Password | Email/password signup and login |
| Social (Google) | OAuth 2.0 social login |
| Social (GitHub) | OAuth 2.0 social login |
| Magic Link | Email link login (no password) |
POST /v1/auth/refresh8+ characters, uppercase + lowercase + numbers + special characters
bkend MCP does NOT have dedicated auth tools. Use this workflow:
search_docs with query "email signup" or "social login"search_docs with query "auth code examples"| Doc ID | Content |
|---|---|
3_howto_implement_auth | Signup, login, token management guide |
6_code_examples_auth | Email, social, magic link code examples |
User: "Add social login"
→ search_docs(query: "social login implementation")
→ Returns auth guide with REST API patterns
→ AI generates social login code
For the complete endpoint list, use search_docs or check Live Reference.
| Method | Endpoint | Description |
|---|---|---|
| POST | /v1/auth/email/signup | Sign up |
| POST | /v1/auth/email/signin | Sign in |
| GET | /v1/auth/me | Current user |
| POST | /v1/auth/refresh | Refresh token |
| POST | /v1/auth/signout | Sign out |
| GET/POST | /v1/auth/:provider/callback | Social login callback |
| POST | /v1/auth/password/reset/request | Password reset |
| POST | /v1/auth/password/reset/confirm | Confirm reset |
| POST | /v1/auth/password/change | Change password |
| GET | /v1/auth/sessions | List sessions |
| DELETE | /v1/auth/sessions/:sessionId | Remove session |
| DELETE | /v1/auth/withdraw | Delete account |
Additional endpoints (MFA, invitations, user management): use search_docs or Live Reference.
| Group | Description | Scope |
|---|---|---|
| admin | Full CRUD | All data |
| user | Authenticated user | Full read, own write |
| self | Owner only | createdBy-based |
| guest | Unauthenticated | Read only (usually) |
GET /v1/auth/sessions - List sessionsDELETE /v1/auth/sessions/:sessionId - Remove sessionFor the latest authentication documentation, use WebFetch: