ReddRadar
Agent skill
bkend-auth
bkend.ai authentication — email/social login, JWT tokens, RBAC, session management. Triggers: bkend auth, login, signup, JWT, RBAC, 인증, 로그인, 회원가입.
Install this agent skill to your Project
npx add-skill https://github.com/popup-studio-ai/bkit-claude-code/tree/main/skills/bkend-auth
SKILL.md
bkend.ai Authentication & Security Guide
Auth Methods
| Method | Description |
|---|---|
| Email + Password | Email/password signup and login |
| Social (Google) | OAuth 2.0 social login |
| Social (GitHub) | OAuth 2.0 social login |
| Magic Link | Email link login (no password) |
JWT Token Structure
- Access Token: 1 hour validity
- Refresh Token: 7 days validity
- Auto-refresh:
POST /v1/auth/refresh
Password Policy
8+ characters, uppercase + lowercase + numbers + special characters
MCP Auth Workflow
bkend MCP does NOT have dedicated auth tools. Use this workflow:
- Search docs:
search_docswith query "email signup" or "social login" - Get examples:
search_docswith query "auth code examples" - Generate code: AI generates REST API code based on search results
Searchable Auth Docs
| Doc ID | Content |
|---|---|
3_howto_implement_auth |
Signup, login, token management guide |
6_code_examples_auth |
Email, social, magic link code examples |
Key Pattern
User: "Add social login"
→ search_docs(query: "social login implementation")
→ Returns auth guide with REST API patterns
→ AI generates social login code
REST Auth API (Core Endpoints)
For the complete endpoint list, use search_docs or check Live Reference.
| Method | Endpoint | Description |
|---|---|---|
| POST | /v1/auth/email/signup | Sign up |
| POST | /v1/auth/email/signin | Sign in |
| GET | /v1/auth/me | Current user |
| POST | /v1/auth/refresh | Refresh token |
| POST | /v1/auth/signout | Sign out |
| GET/POST | /v1/auth/:provider/callback | Social login callback |
| POST | /v1/auth/password/reset/request | Password reset |
| POST | /v1/auth/password/reset/confirm | Confirm reset |
| POST | /v1/auth/password/change | Change password |
| GET | /v1/auth/sessions | List sessions |
| DELETE | /v1/auth/sessions/:sessionId | Remove session |
| DELETE | /v1/auth/withdraw | Delete account |
Additional endpoints (MFA, invitations, user management): use search_docs or Live Reference.
RBAC (Role-Based Access Control)
| Group | Description | Scope |
|---|---|---|
| admin | Full CRUD | All data |
| user | Authenticated user | Full read, own write |
| self | Owner only | createdBy-based |
| guest | Unauthenticated | Read only (usually) |
RLS (Row Level Security)
- Per-table row-level access control
- 4-level policies: admin/user/self/guest
- Auto-filtering based on createdBy field
Session Management
- Per-device session tracking
GET /v1/auth/sessions- List sessionsDELETE /v1/auth/sessions/:sessionId- Remove session
Official Documentation (Live Reference)
For the latest authentication documentation, use WebFetch:
- Auth Overview: https://raw.githubusercontent.com/popup-studio-ai/bkend-docs/main/en/authentication/01-overview.md
- MCP Auth Guide: https://raw.githubusercontent.com/popup-studio-ai/bkend-docs/main/en/mcp/06-auth-tools.md
- Security: https://raw.githubusercontent.com/popup-studio-ai/bkend-docs/main/en/security/01-overview.md
- Full TOC: https://raw.githubusercontent.com/popup-studio-ai/bkend-docs/main/SUMMARY.md
Recommended Agent Skills
Expand your agent's capabilities with these related and highly-rated skills.
popup-studio-ai/bkit-claude-code
phase-5-design-system
popup-studio-ai/bkit-claude-code
zero-script-qa
Zero Script QA — test without scripts using structured JSON logging and Docker monitoring. Triggers: zero-script-qa, log testing, docker logs, QA, 제로 스크립트 QA.
popup-studio-ai/bkit-claude-code
phase-6-ui-integration
Implement frontend UI and integrate with backend APIs — state management and API clients. Triggers: UI integration, frontend-backend, API client, 프론트엔드 통합, UI 구현.
popup-studio-ai/bkit-claude-code
phase-3-mockup
Create UI/UX mockups and HTML/CSS/JS prototypes without a designer. Triggers: mockup, prototype, wireframe, UI design, 목업, 프로토타입.
popup-studio-ai/bkit-claude-code
desktop-app
Desktop app development guide — Electron and Tauri for cross-platform apps. Triggers: desktop app, Electron, Tauri, mac app, windows app, 데스크톱 앱.
popup-studio-ai/bkit-claude-code
btw
By-The-Way: 작업 중 개선 제안을 즉시 수집하고 관리하는 스킬. Triggers: /btw, /btw list, /btw analyze, /btw promote, /btw stats Keywords: btw, 개선, 제안, suggestion, improve, idea, feedback
Didn't find tool you were looking for?