AgentSkillsCN

syntra-auth

借助 Syntra 实现身份验证与用户管理。适用于设置身份验证、配置 OAuth 提供商、管理用户、处理邮箱验证、密码重置、OTP 码,或配置密码策略与会话设置时使用。

SKILL.md
--- frontmatter
name: syntra-auth
description: Authentication and user management with Syntra. Use when setting up auth, configuring OAuth providers, managing users, handling email verification, password resets, OTP codes, or configuring password policies and session settings.

Syntra Authentication

Auth setup workflow

  1. auth_get_config — check current auth settings
  2. auth_update_config — configure password rules, session timeout, email verification
  3. auth_upsert_oauth_config — add OAuth providers (Google, GitHub, Discord, etc.)
  4. auth_register — create first user
  5. auth_login — verify login works

User management

  • Register: auth_register with email, password, optional name
  • Login: auth_login returns access + refresh tokens
  • Admin login: auth_admin_login for project admin access
  • List users: auth_list_users with limit/offset pagination
  • Find user: auth_get_user_by_id or auth_get_user_by_email
  • Update profile: auth_update_profile with user_id and key-value profile object
  • Delete users: auth_delete_users with array of user_ids

Auth configuration

auth_update_config accepts:

FieldTypeDescription
require_email_verificationbooleanRequire users to verify email
password_min_lengthnumberMinimum password length
require_numberbooleanRequire number in password
require_lowercasebooleanRequire lowercase letter
require_uppercasebooleanRequire uppercase letter
require_special_charbooleanRequire special character
session_timeoutnumberSession timeout in seconds
verify_email_methodstringEmail verification method
reset_password_methodstringPassword reset method
sign_in_redirect_tostringPost-sign-in redirect URL

Email verification and OTP

  1. auth_generate_otp_code — generate 6-digit code (for email verification or password reset)
  2. Send the code to user via system_send_email
  3. auth_verify_otp — verify the code user provides
  4. auth_mark_email_verified — manually mark email as verified (admin shortcut)

For magic links, use auth_generate_otp_token instead (long-form token for URLs).

OAuth providers

  • auth_list_oauth_configs — see configured providers
  • auth_upsert_oauth_config — create or update a provider
  • auth_delete_oauth_config — remove a provider

Configure a provider

json
{
  "provider": "google",
  "client_id": "your-client-id.apps.googleusercontent.com",
  "client_secret": "your-client-secret",
  "scope": "openid email profile",
  "redirect_url": "http://localhost:7130/api/auth/callback/google",
  "enabled": true
}

Reference docs