bknd-oauth-setup_skill

This skill helps you configure and integrate OAuth providers (Google, GitHub, and custom) in Bknd by guiding setup, env vars, and frontend flow.

2

GitHub Stars

1

Bundled Files

2 months ago

Catalog Refreshed

4 months ago

First Indexed

Readme & install

Copy the install command, review bundled files from the catalogue, and read any extended description pulled from the listing source.

Installation

Preview and clipboard use veilstrat where the catalogue uses aiagentskills.

npx veilstrat add skill cameronapak/bknd-skills --skill bknd-oauth-setup

  • SKILL.md14.2 KB

Overview

This skill helps you configure OAuth and social login providers for a Bknd application, covering Google, GitHub and custom providers. It explains required provider credentials, callback URLs, environment variables, and frontend integration patterns for both cookie and token flows. Use it to enable secure OAuth sign-in, registration, and multi-provider setups in Bknd projects.

How this skill works

The skill inspects provider requirements and guides you through adding strategies to bknd.config.ts and setting environment variables for client_id and client_secret. It describes built-in providers (google, github) and shows how to configure custom OAuth/OIDC servers with authorization, token, and userinfo endpoints. It also maps the exposed Bknd auth endpoints and shows both cookie-based (SSR) and token-based (SPA) frontend flows including callback handling and challenge verification.

When to use it

  • Setting up Google or GitHub OAuth for a Bknd app
  • Adding multiple providers or enabling password + OAuth strategies
  • Configuring a custom OAuth/OIDC provider (Slack, Discord, Microsoft)
  • Testing flows from the admin UI or via API endpoints
  • Integrating frontend login buttons and callback pages

Best practices

  • Store client secrets and JWT_SECRET in environment variables, never in source code
  • Use HTTPS and secure cookie settings in production; set secure=false on localhost
  • Set cookie.sameSite to "lax" to allow OAuth redirects
  • Ensure callback URLs listed in provider dashboards exactly match your Bknd host configuration
  • Test flows in incognito and verify the OAuth challenge during token-based flows

Example use cases

  • Enable Google sign-in for quick user onboarding and profile import
  • Add GitHub login for developer-focused apps and email verification
  • Configure Slack or Discord as a custom OAuth2 provider using custom endpoints
  • Implement cookie-based OAuth for SSR apps and token-based flow for SPA with localStorage
  • Expose multiple strategies (password + google + github) so users can choose their method

FAQ

Use http://localhost:7654/api/auth/{provider}/callback in development and https://api.yourapp.com/api/auth/{provider}/callback in production; these must match the host configured for Bknd.

Why do I get redirect_uri_mismatch?

This happens when the redirect URI configured in the provider dashboard does not exactly match the URL Bknd uses. Verify host, path, and protocol match precisely.

When should I use cookie vs token flow?

Use cookie-based flow for server-rendered apps (recommended for SSR) because the backend sets the session cookie. Use token-based flow for SPAs where you manage the OAuth challenge and persist tokens in client storage.

Built by
VeilStrat
AI signals for GTM teams
© 2026 VeilStrat. All rights reserved.All systems operational
bknd-oauth-setup skill by cameronapak/bknd-skills | VeilStrat