← Back to Skills Marketplace
urbantech

Ainative Auth Guide

by Toby Morning · GitHub ↗ · v1.0.0 · MIT-0
cross-platform ✓ Security Clean
152
Downloads
0
Stars
1
Active Installs
1
Versions
Install in OpenClaw
/install ainative-auth-guide
Description
Implement authentication for AINative APIs. Use when (1) Choosing between API key and JWT auth, (2) Registering/logging in users, (3) Refreshing tokens, (4)...
README (SKILL.md)

AINative Authentication Guide

Auth Methods

Method Use Case Header
API Key Server-side, agents, SDKs, MCP tools X-API-Key: ak_...
Bearer JWT User sessions, web apps Authorization: Bearer \x3Ctoken>
OAuth2 Social login (LinkedIn, GitHub) Standard OAuth2 flow

API Key Auth (Simplest)

Get a key via npx zerodb init or from the dashboard.

import requests

response = requests.get(
    "https://api.ainative.studio/api/v1/public/credits/balance",
    headers={"X-API-Key": "ak_your_key"}
)

const res = await fetch("https://api.ainative.studio/api/v1/public/credits/balance", {
  headers: { "X-API-Key": "ak_your_key" }
});

Email/Password Registration & Login

# Register
resp = requests.post(
    "https://api.ainative.studio/api/v1/auth/register",
    json={"email": "[email protected]", "password": "securepass", "name": "Alice"}
)
token = resp.json()["access_token"]

# Login
resp = requests.post(
    "https://api.ainative.studio/api/v1/auth/login",
    json={"email": "[email protected]", "password": "securepass"}
)
access_token = resp.json()["access_token"]
refresh_token = resp.json()["refresh_token"]

JWT Usage

headers = {"Authorization": f"Bearer {access_token}"}
me = requests.get("https://api.ainative.studio/api/v1/users/me", headers=headers).json()

Token Refresh

resp = requests.post(
    "https://api.ainative.studio/api/v1/auth/refresh",
    json={"refresh_token": refresh_token}
)
new_access_token = resp.json()["access_token"]

Logout

requests.post(
    "https://api.ainative.studio/api/v1/auth/logout",
    headers={"Authorization": f"Bearer {access_token}"}
)

OAuth2 Social Login

# LinkedIn
resp = requests.post(
    "https://api.ainative.studio/api/v1/auth/linkedin/callback",
    json={"code": oauth_code, "redirect_uri": "https://yourapp.com/callback"}
)

# GitHub
resp = requests.post(
    "https://api.ainative.studio/api/v1/auth/github/callback",
    json={"code": oauth_code, "redirect_uri": "https://yourapp.com/callback"}
)
token = resp.json()["access_token"]

Next.js Middleware

// middleware.ts
import { createMiddleware } from '@ainative/next-sdk/middleware';

export const middleware = createMiddleware({
  apiKey: process.env.AINATIVE_API_KEY!,
  protectedPaths: ['/dashboard', '/api/protected'],
  loginPath: '/login',
});

Password Reset

# Request reset email
requests.post("https://api.ainative.studio/api/v1/auth/forgot-password",
    json={"email": "[email protected]"})

# Set new password with token from email
requests.post("https://api.ainative.studio/api/v1/auth/reset-password",
    json={"token": "reset_token_from_email", "new_password": "newpassword"})

Auth Endpoints

Endpoint Method Description
/api/v1/auth/register POST Create account
/api/v1/auth/login POST Email/password → JWT
/api/v1/auth/logout POST Invalidate session
/api/v1/auth/refresh POST Refresh access token
/api/v1/users/me GET Current user profile
/api/v1/auth/verify-email POST Verify email address
/api/v1/auth/forgot-password POST Send reset email
/api/v1/auth/reset-password POST Apply new password
/api/v1/auth/linkedin/callback POST LinkedIn OAuth2
/api/v1/auth/github/callback POST GitHub OAuth2

Error Codes

Status Meaning
401 Invalid or missing token/key
403 Valid auth, insufficient permissions
409 Email already registered

References

  • src/backend/app/api/v1/endpoints/auth.py — Auth endpoint implementation
  • packages/sdks/nextjs/src/middleware/ — Next.js auth middleware
  • docs/guides/AUTHENTICATION.md — Full authentication guide
Usage Guidance
This is a documentation-only skill that looks coherent for implementing AINative authentication. Before using it: (1) confirm api.ainative.studio is the expected service and that you trust the SDKs referenced (e.g., @ainative/next-sdk); (2) never paste real API keys or long-lived secrets into public or untrusted places—use environment variables and least-privilege keys; (3) the SKILL.md shows examples referencing process.env.AINATIVE_API_KEY but the skill metadata doesn't require any env vars—this is just an example, not an automatic credential access; (4) if you plan to install the referenced SDKs or run any npx commands, review those packages' sources and release provenance; and (5) if additional code files or an install script appear later (the skill currently has none), re-evaluate because that would change the risk profile.
Capability Analysis
Type: OpenClaw Skill Name: ainative-auth-guide Version: 1.0.0 The skill bundle is a documentation guide for implementing authentication with the AINative API (api.ainative.studio). It provides standard code snippets for JWT, OAuth2, and API key management in Python and TypeScript, and does not contain any executable logic, data exfiltration attempts, or malicious instructions.
Capability Assessment
Purpose & Capability
The name/description (implementing API key, JWT, OAuth2 flows) matches the SKILL.md content: example requests, endpoints, Next.js middleware usage and token flows are exactly what an auth guide would show. No unrelated services or credentials are demanded by the skill metadata.
Instruction Scope
The instructions are limited to demonstrating HTTP calls to api.ainative.studio, OAuth callback flows, token refresh/logout, and a Next.js middleware snippet. They do not instruct reading arbitrary local files or exfiltrating data to unexpected endpoints. References to repository paths and npx/SDK usage are documentation pointers, not directives to access unrelated system state.
Install Mechanism
This is an instruction-only skill with no install spec and no code files, so it doesn't write or execute code on the host. That represents the lowest install risk.
Credentials
The skill metadata declares no required env vars or credentials, which is reasonable for a guide. The SKILL.md examples, however, reference process.env.AINATIVE_API_KEY and placeholder API keys (ak_your_key). This is an expected example usage pattern but is not reflected in requires.env; users should be aware the guide presumes you will provide your own keys when implementing the examples.
Persistence & Privilege
always is false and there is no install or code that would persist or modify other skills or global agent settings. The skill does not request permanent presence or elevated platform privileges.
How to Use
  1. Make sure OpenClaw is installed (local or Docker)
  2. Run the install command in chat: /install ainative-auth-guide
  3. After installation, invoke the skill by name or use /ainative-auth-guide
  4. Provide required inputs per the skill's parameter spec and get structured output
Version History
v1.0.0
- Initial release of the ainative-auth-guide skill. - Provides comprehensive authentication guidance for AINative APIs, including API key, JWT, email/password, OAuth2 (LinkedIn/GitHub), and middleware patterns. - Includes usage examples for Python and TypeScript, with step-by-step registration, login, token management, and social login flows. - Lists main authentication endpoints, error codes, and reference links for further documentation.
Metadata
Slug ainative-auth-guide
Version 1.0.0
License MIT-0
All-time Installs 1
Active Installs 1
Total Versions 1
Frequently Asked Questions

What is Ainative Auth Guide?

Implement authentication for AINative APIs. Use when (1) Choosing between API key and JWT auth, (2) Registering/logging in users, (3) Refreshing tokens, (4)... It is an AI Agent Skill for Claude Code / OpenClaw, with 152 downloads so far.

How do I install Ainative Auth Guide?

Run "/install ainative-auth-guide" in the OpenClaw or Claude Code chat to install it in one step — no extra setup required.

Is Ainative Auth Guide free?

Yes, Ainative Auth Guide is completely free, licensed under MIT-0. You can download, install and use it at no cost.

Which platforms does Ainative Auth Guide support?

Ainative Auth Guide is cross-platform and runs anywhere OpenClaw / Claude Code is available (cross-platform).

Who created Ainative Auth Guide?

It is built and maintained by Toby Morning (@urbantech); the current version is v1.0.0.

More Skills
self-improving agent
Captures learnings, errors, and corrections to enable continuous improvement. Use when: (1) A command or operation fails unexpectedly, (2) User corrects Clau...
⬇ 463283 · by pskoett
Skill Vetter
Security-first skill vetting for AI agents. Use before installing any skill from ClawdHub, GitHub, or other sources. Checks for red flags, permission scope, and suspicious patterns.
⬇ 259410 · by spclaudehome
Polymarket
Query Polymarket prediction markets. Check odds, find trending markets, search events, track price movements.
⬇ 232503 · by joelchance
Self-Improving + Proactive Agent
Self-reflection + Self-criticism + Self-learning + Self-organizing memory. Agent evaluates its own work, catches mistakes, and improves permanently. Use when...
⬇ 200423 · by ivangdavila
Github
Interact with GitHub using the `gh` CLI. Use `gh issue`, `gh pr`, `gh run`, and `gh api` for issues, PRs, CI runs, and advanced queries.
⬇ 191115 · by steipete
ontology
Typed knowledge graph for structured agent memory and composable skills. Use when creating/querying entities (Person, Project, Task, Event, Document), linkin...
⬇ 190156 · by oswalpalash

💬 Comments