Skills
.Work. You
Rest

oauth21-security

Community

Secure OAuth 2.1 implementations with confidence.

Software Engineering#security#oauth#redirects#token#tls#pkce#oauth2.1
Authormaronnjapan
Version1.0.0
Installs0

System Documentation

What problem does it solve?

Implementing OAuth 2.1 securely is complex and error-prone, leading to token leakage, insecure redirects, and weak client/server protections. This Skill consolidates the security requirements to guide TLS, redirect handling, and token-binding practices for modern OAuth deployments.

Core Features & Use Cases

  • TLS enforcement across all endpoints (with loopback exceptions for native apps) and TLS version guidance.
  • PKCE is mandatory for public clients and strongly recommended for confidential clients.
  • Removal of Implicit and Resource Owner Password Credentials grants; encourage Authorization Code with PKCE.
  • Secure redirect handling using exact redirect_uri matching and recommended status codes (e.g., 303 See Other).
  • Token binding options including DPoP and Mutual TLS to prevent token replay.

Quick Start

Apply OAuth 2.1 security guidelines by enforcing TLS on all endpoints, enabling PKCE for public clients, and adhering to safe redirect practices.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: oauth21-security
Download link: https://github.com/maronnjapan/maronn-openid-provider/archive/main.zip#oauth21-security

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 223,000+ vetted skills library on demand.