How do I install api-authentication?

Run `npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill api-authentication` in your terminal. You need to have run `npx skills init` once in your project first.

Which agent frameworks does api-authentication support?

api-authentication works with any agent framework supported by the Skills registry, including Claude Code, Cursor, GitHub Copilot, Cline, Codex, and Gemini CLI.

Is api-authentication free to use?

Yes. api-authentication is free to install and use. It is available from the open explainx.ai skill registry published by aj-geddes.

Where can I read ratings and reviews for api-authentication?

Community ratings and review text appear on this explainx.ai skill page below the description. Reviews use a 1–5 scale and may include short written feedback from signed-in members.

Backend

api-authentication▌

aj-geddes/useful-ai-prompts · updated Apr 8, 2026

$npx skills add https://github.com/aj-geddes/useful-ai-prompts --skill api-authentication

0 commentsdiscussion

summary

Implement comprehensive authentication strategies for APIs including JWT tokens, OAuth 2.0, API keys, and session management with proper security practices.

skill.md

API Authentication

Overview
When to Use
Quick Start
Reference Guides
Best Practices

Overview

Implement comprehensive authentication strategies for APIs including JWT tokens, OAuth 2.0, API keys, and session management with proper security practices.

When to Use

Securing API endpoints
Implementing user login/logout flows
Managing access tokens and refresh tokens
Integrating OAuth 2.0 providers
Protecting sensitive data
Implementing API key authentication

Quick Start

Minimal working example:

// Node.js JWT Implementation
const express = require('express');
const jwt = require('jsonwebtoken');
const bcrypt = require('bcrypt');

const app = express();
const SECRET_KEY = process.env.JWT_SECRET || 'your-secret-key';
const REFRESH_SECRET = process.env.REFRESH_SECRET || 'your-refresh-secret';

// User login endpoint
app.post('/api/auth/login', async (req, res) => {
  try {
    const { email, password } = req.body;

    // Find user in database
    const user = await User.findOne({ email });
    if (!user) {
      return res.status(401).json({ error: 'Invalid credentials' });
    }

    // Verify password
    const isValid = await bcrypt.compare(password, user.password);
    if (!isValid) {
      return res.status(401).json({ error: 'Invalid credentials' });
    }
// ... (see reference guides for full implementation)

Reference Guides

Detailed implementations in the references/ directory:

Guide	Contents
JWT Authentication	JWT Authentication
OAuth 2.0 Implementation	OAuth 2.0 Implementation
API Key Authentication	API Key Authentication
Python Authentication Implementation	Python Authentication Implementation

Best Practices

✅ DO

Use HTTPS for all authentication
Store tokens securely (HttpOnly cookies)
Implement token refresh mechanism
Set appropriate token expiration times
Hash and salt passwords
Use strong secret keys
Validate tokens on every request
Implement rate limiting on auth endpoints
Log authentication attempts
Rotate secrets regularly

❌ DON'T

Store passwords in plain text
Send tokens in URL parameters
Use weak secret keys
Store sensitive data in JWT payload
Ignore token expiration
Disable HTTPS in production
Log sensitive tokens
Reuse API keys across services
Store credentials in code

Discussion

Product Hunt–style comments (not star reviews)

No comments yet — start the thread.

general reviews

Ratings

4.6★★★★★62 reviews

★★★★★Ganesh Mohane· Dec 24, 2024
api-authentication fits our agent workflows well — practical, well scoped, and easy to wire into existing repos.
★★★★★Mia Okafor· Dec 24, 2024
We added api-authentication from the explainx registry; install was straightforward and the SKILL.md answered most questions upfront.
★★★★★Arya Ghosh· Dec 24, 2024
Registry listing for api-authentication matched our evaluation — installs cleanly and behaves as described in the markdown.
★★★★★Lucas Lopez· Dec 20, 2024
Solid pick for teams standardizing on skills: api-authentication is focused, and the summary matches what you get after install.
★★★★★Shikha Mishra· Dec 16, 2024
Useful defaults in api-authentication — fewer surprises than typical one-off scripts, and it plays nicely with `npx skills` flows.
★★★★★Noah Malhotra· Dec 8, 2024
I recommend api-authentication for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.
★★★★★Omar Srinivasan· Dec 8, 2024
Keeps context tight: api-authentication is the kind of skill you can hand to a new teammate without a long onboarding doc.
★★★★★Noah Johnson· Nov 27, 2024
Solid pick for teams standardizing on skills: api-authentication is focused, and the summary matches what you get after install.
★★★★★Noah Khanna· Nov 15, 2024
Keeps context tight: api-authentication is the kind of skill you can hand to a new teammate without a long onboarding doc.
★★★★★Mia Mensah· Nov 11, 2024
I recommend api-authentication for anyone iterating fast on agent tooling; clear intent and a small, reviewable surface area.

showing 1-10 of 62

1 / 7