plugins/aai-stack-auth0/skills/auth0-patterns/SKILL.md
February 1, 2026
Select agents to install to:
npx add-skill https://github.com/the-answerai/alphaagent-team/blob/main/plugins/aai-stack-auth0/skills/auth0-patterns/SKILL.md -a claude-code --skill auth0-patternsInstallation paths:
.claude/skills/auth0-patterns/# Auth0 Patterns Skill
Common patterns for Auth0 authentication integration.
## Core Concepts
### Configuration
```typescript
// Environment variables
AUTH0_DOMAIN=your-tenant.auth0.com
AUTH0_CLIENT_ID=your-client-id
AUTH0_CLIENT_SECRET=your-client-secret
AUTH0_AUDIENCE=your-api-identifier
AUTH0_BASE_URL=http://localhost:3000
AUTH0_ISSUER_BASE_URL=https://your-tenant.auth0.com
AUTH0_SECRET=a-long-random-secret-for-session-encryption
```
### Token Types
```
ID Token: Contains user identity claims (for client)
Access Token: Used to call protected APIs
Refresh Token: Used to get new access tokens
```
## Machine-to-Machine Auth
### Getting Access Token
```typescript
import { AuthenticationClient } from 'auth0'
const auth0 = new AuthenticationClient({
domain: process.env.AUTH0_DOMAIN,
clientId: process.env.AUTH0_CLIENT_ID,
clientSecret: process.env.AUTH0_CLIENT_SECRET,
})
async function getM2MToken(): Promise<string> {
const response = await auth0.clientCredentialsGrant({
audience: process.env.AUTH0_AUDIENCE,
})
return response.access_token
}
```
### Token Caching
```typescript
class TokenManager {
private token: string | null = null
private expiresAt: number = 0
async getToken(): Promise<string> {
if (this.token && Date.now() < this.expiresAt - 60000) {
return this.token
}
const response = await auth0.clientCredentialsGrant({
audience: process.env.AUTH0_AUDIENCE,
})
this.token = response.access_token
this.expiresAt = Date.now() + (response.expires_in * 1000)
return this.token
}
}
```
## User Management
### Management API
```typescript
import { ManagementClient } from 'auth0'
const management = new ManagementClient({
domain: process.env.AUTH0_DOMAIN,
clientId: process.env.AUTH0_M2M_CLIENT_ID,
clientSecret: process.env.AUTH0_M2M_CLIENT_SECRET,
})
// Get user
const user = await management.users.get({ id: 'auth0|123' })
// Update user
await management.users.update(
{ id: 'auth0|12