oauth-integrations — for Claude Code oauth-integrations, Smart_Zone, community, for Claude Code, ide skills, GitHub OAuth integration, Microsoft Entra authentication, Cloudflare Workers OAuth, edge environment authentication, OAuth token exchange

v1.0.0
GitHub

About this Skill

Ideal for Cloudflare Workers and edge runtime developers needing seamless GitHub and Microsoft OAuth integrations. oauth-integrations is a skill that facilitates OAuth authentication with GitHub and Microsoft, allowing for secure and efficient authorization in edge environments.

Features

Implement GitHub OAuth using Cloudflare Workers
Handle private email scenarios with GitHub API
Exchange tokens for JSON responses with GitHub
Construct manual OAuth URLs for Microsoft Entra (Azure AD)
Use Accept headers for JSON responses in Microsoft OAuth
Authenticate with Microsoft Entra (Azure AD) in edge runtimes

# Core Topics

for Claude Code GitHub OAuth integration Microsoft Entra authentication Cloudflare Workers OAuth edge environment authentication OAuth token exchange
dennislee928 dennislee928
[4]
[0]
Updated: 3/18/2026

Killer-Skills Review

Decision support comes first. Repository text comes second.

Reference-Only Page Review Score: 8/11

This page remains useful for operators, but Killer-Skills treats it as reference material instead of a primary organic landing page.

Original recommendation layer Concrete use-case guidance Explicit limitations and caution Locale and body language aligned
Review Score
8/11
Quality Score
33
Canonical Locale
en
Detected Body Locale
en

Ideal for Cloudflare Workers and edge runtime developers needing seamless GitHub and Microsoft OAuth integrations. oauth-integrations is a skill that facilitates OAuth authentication with GitHub and Microsoft, allowing for secure and efficient authorization in edge environments.

Core Value

Empowers agents to implement secure authentication and authorization workflows using GitHub and Microsoft OAuth, leveraging JSON Web Tokens and the `jose` library for token validation, while handling private email scenarios and token exchange with precision.

Ideal Agent Persona

Ideal for Cloudflare Workers and edge runtime developers needing seamless GitHub and Microsoft OAuth integrations.

Capabilities Granted for oauth-integrations

Implementing GitHub OAuth for edge environments with required headers and scopes
Handling private email scenarios in GitHub user data with `user:email` scope
Exchanging tokens with Microsoft Entra (Azure AD) OAuth using manual OAuth URL construction and `fetch` API

! Prerequisites & Limits

  • Requires exact callback URL for GitHub OAuth
  • Tokens from GitHub OAuth do not expire, but revocation requires full re-authentication
  • Microsoft Entra (Azure AD) OAuth requires `User.Read` scope for Microsoft Graph `/me` endpoint

Why this page is reference-only

  • - The underlying skill quality score is below the review floor.

Source Boundary

The section below is imported from the upstream repository and should be treated as secondary evidence. Use the Killer-Skills review above as the primary layer for fit, risk, and installation decisions.

After The Review

Decide The Next Action Before You Keep Reading Repository Material

Killer-Skills should not stop at opening repository instructions. It should help you decide whether to install this skill, when to cross-check against trusted collections, and when to move into workflow rollout.

Install Path

Start With Installation And Validation

If this skill is worth continuing with, the next step is to confirm the install command, CLI write path, and environment validation.
Trusted Recheck

Cross-Check Against Trusted Picks

If you are still comparing multiple skills or vendors, go back to the trusted collection before amplifying repository noise.
Workflow

Move To Workflow Collections For Team Rollout

When the goal shifts from a single skill to team handoff, approvals, and repeatable execution, move into workflow collections.
Labs Demo

Browser Sandbox Environment

⚡️ Ready to unleash?

Experience this Agent in a zero-setup browser environment powered by WebContainers. No installation required.

Boot Container Sandbox

FAQ & Installation Steps

These questions and steps mirror the structured data on this page for better search understanding.

? Frequently Asked Questions

What is oauth-integrations?

Ideal for Cloudflare Workers and edge runtime developers needing seamless GitHub and Microsoft OAuth integrations. oauth-integrations is a skill that facilitates OAuth authentication with GitHub and Microsoft, allowing for secure and efficient authorization in edge environments.

How do I install oauth-integrations?

Run the command: npx killer-skills add dennislee928/Smart_Zone. It works with Cursor, Windsurf, VS Code, Claude Code, and 19+ other IDEs.

What are the use cases for oauth-integrations?

Key use cases include: Implementing GitHub OAuth for edge environments with required headers and scopes, Handling private email scenarios in GitHub user data with `user:email` scope, Exchanging tokens with Microsoft Entra (Azure AD) OAuth using manual OAuth URL construction and `fetch` API.

Which IDEs are compatible with oauth-integrations?

This skill is compatible with Cursor, Windsurf, VS Code, Trae, Claude Code, OpenClaw, Aider, Codex, OpenCode, Goose, Cline, Roo Code, Kiro, Augment Code, Continue, GitHub Copilot, Sourcegraph Cody, and Amazon Q Developer. Use the Killer-Skills CLI for universal one-command installation.

Are there any limitations for oauth-integrations?

Requires exact callback URL for GitHub OAuth. Tokens from GitHub OAuth do not expire, but revocation requires full re-authentication. Microsoft Entra (Azure AD) OAuth requires `User.Read` scope for Microsoft Graph `/me` endpoint.

How To Install

  1. 1. Open your terminal

    Open the terminal or command line in your project directory.

  2. 2. Run the install command

    Run: npx killer-skills add dennislee928/Smart_Zone. The CLI will automatically detect your IDE or AI agent and configure the skill.

  3. 3. Start using the skill

    The skill is now active. Your AI agent can use oauth-integrations immediately in the current project.

! Reference-Only Mode

This page remains useful for installation and reference, but Killer-Skills no longer treats it as a primary indexable landing page. Read the review above before relying on the upstream repository instructions.

Upstream Repository Material

The section below is imported from the upstream repository and should be treated as secondary evidence. Use the Killer-Skills review above as the primary layer for fit, risk, and installation decisions.

Upstream Source

oauth-integrations

Streamline authentication with OAuth integrations for GitHub and Microsoft. Discover how this AI agent skill benefits developers with seamless authorization

SKILL.md
Readonly
Upstream Repository Material
The section below is imported from the upstream repository and should be treated as secondary evidence. Use the Killer-Skills review above as the primary layer for fit, risk, and installation decisions.
Supporting Evidence

OAuth Integrations for Edge Environments

Implement GitHub and Microsoft OAuth in Cloudflare Workers and other edge runtimes.

GitHub OAuth

Required Headers

GitHub API has strict requirements that differ from other providers.

HeaderRequirement
User-AgentREQUIRED - Returns 403 without it
Acceptapplication/vnd.github+json recommended
typescript
1const resp = await fetch('https://api.github.com/user', {
2  headers: {
3    Authorization: `Bearer ${accessToken}`,
4    'User-Agent': 'MyApp/1.0',  // Required!
5    'Accept': 'application/vnd.github+json',
6  },
7});

Private Email Handling

GitHub users can set email to private (/user returns email: null).

typescript
1if (!userData.email) {
2  const emails = await fetch('https://api.github.com/user/emails', { headers })
3    .then(r => r.json());
4  userData.email = emails.find(e => e.primary && e.verified)?.email;
5}

Requires user:email scope.

Token Exchange

Token exchange returns form-encoded by default. Add Accept header for JSON:

typescript
1const tokenResponse = await fetch('https://github.com/login/oauth/access_token', {
2  method: 'POST',
3  headers: {
4    'Content-Type': 'application/x-www-form-urlencoded',
5    'Accept': 'application/json',  // Get JSON response
6  },
7  body: new URLSearchParams({ code, client_id, client_secret, redirect_uri }),
8});

GitHub OAuth Notes

IssueSolution
Callback URLMust be EXACT - no wildcards, no subdirectory matching
Token exchange returns form-encodedAdd 'Accept': 'application/json' header
Tokens don't expireNo refresh flow needed, but revoked = full re-auth

Microsoft Entra (Azure AD) OAuth

Why MSAL Doesn't Work in Workers

MSAL.js depends on:

  • Browser APIs (localStorage, sessionStorage, DOM)
  • Node.js crypto module

Cloudflare's V8 isolate runtime has neither. Use manual OAuth instead:

  1. Manual OAuth URL construction
  2. Direct token exchange via fetch
  3. JWT validation with jose library

Required Scopes

typescript
1// For user identity (email, name, profile picture)
2const scope = 'openid email profile User.Read';
3
4// For refresh tokens (long-lived sessions)
5const scope = 'openid email profile User.Read offline_access';

Critical: User.Read is required for Microsoft Graph /me endpoint. Without it, token exchange succeeds but user info fetch returns 403.

User Info Endpoint

typescript
1// Microsoft Graph /me endpoint
2const resp = await fetch('https://graph.microsoft.com/v1.0/me', {
3  headers: { Authorization: `Bearer ${accessToken}` },
4});
5
6// Email may be in different fields
7const email = data.mail || data.userPrincipalName;

Tenant Configuration

Tenant ValueWho Can Sign In
commonAny Microsoft account (personal + work)
organizationsWork/school accounts only
consumersPersonal Microsoft accounts only
{tenant-id}Specific organization only

Azure Portal Setup

  1. App Registration → New registration
  2. Platform: Web (not SPA) for server-side OAuth
  3. Redirect URIs: Add both /callback and /admin/callback
  4. Certificates & secrets → New client secret

Token Lifetimes

Token TypeDefault LifetimeNotes
Access token60-90 minutesConfigurable via token lifetime policies
Refresh token90 daysRevoked on password change
ID token60 minutesSame as access token

Best Practice: Always request offline_access scope and implement refresh token flow for sessions longer than 1 hour.

Common Corrections

If Claude suggests...Use instead...
GitHub fetch without User-AgentAdd 'User-Agent': 'AppName/1.0' (REQUIRED)
Using MSAL.js in WorkersManual OAuth + jose for JWT validation
Microsoft scope without User.ReadAdd User.Read scope
Fetching email from token claims onlyUse Graph /me endpoint

Error Reference

GitHub Errors

ErrorCauseFix
403 ForbiddenMissing User-Agent headerAdd User-Agent header
email: nullUser has private emailFetch /user/emails with user:email scope

Microsoft Errors

ErrorCauseFix
AADSTS50058Silent auth failedUse interactive flow
AADSTS700084Refresh token expiredRe-authenticate user
403 on Graph /meMissing User.Read scopeAdd User.Read to scopes

Reference

Related Skills

Looking for an alternative to oauth-integrations or another community skill for your workflow? Explore these related open-source skills.

View All

openclaw-release-maintainer

Logo of openclaw
openclaw

Your own personal AI assistant. Any OS. Any Platform. The lobster way. 🦞

333.8k
0
AI

widget-generator

Logo of f
f

Generate customizable widget plugins for the prompts.chat feed system

149.6k
0
AI

flags

Logo of vercel
vercel

The React Framework

138.4k
0
Browser

pr-review

Logo of pytorch
pytorch

Tensors and Dynamic neural networks in Python with strong GPU acceleration

98.6k
0
Developer