auth-token-manager
Получение валидных JWT Bearer токенов для аутентификации MikoPBX REST API v3. Использовать когда нужно тестировать API эндпоинты, отлаживать проблемы аутентификации или при возникновении ошибок 401 Unauthorized. Автоматически обрабатывает вход с username/password и возвращает готовый к использованию access token.
Install
mkdir -p .claude/skills/auth-token-manager && curl -L -o skill.zip "https://mcp.directory/api/skills/download/2842" && unzip -o skill.zip -d .claude/skills/auth-token-manager && rm skill.zipInstalls to .claude/skills/auth-token-manager
About this skill
MikoPBX Authentication Token Manager
Overview
This skill provides reliable JWT Bearer token acquisition for MikoPBX REST API v3. Solves the persistent problem of getting valid authentication tokens for API testing and development.
Authentication Architecture
MikoPBX uses dual-token authentication:
-
Access Token (JWT)
- Type: JSON Web Token
- Lifetime: 15 minutes (900 seconds)
- Storage: In-memory (Authorization: Bearer header)
- Purpose: Stateless API authorization
-
Refresh Token
- Type: Random hex string
- Lifetime: 30 days (configurable via rememberMe)
- Storage: httpOnly cookie + Redis
- Purpose: Token rotation without re-authentication
Token Workflow
┌─────────────┐
│ Login │ POST /auth:login
│ username │ {login, password, rememberMe}
│ password │
└──────┬──────┘
│
▼
┌─────────────────────────────────┐
│ Server Response │
│ - accessToken (JWT, 15 min) │
│ - refreshToken (cookie, 30d) │
└──────┬──────────────────────────┘
│
▼
┌─────────────────────────────────┐
│ API Request │
│ Authorization: Bearer <JWT> │
│ Cookie: refreshToken=xxx │
└──────┬──────────────────────────┘
│
▼ (when token expires)
┌─────────────────────────────────┐
│ Refresh │
│ POST /auth:refresh │
│ Cookie: refreshToken=xxx │
└──────┬──────────────────────────┘
│
▼
┌─────────────────────────────────┐
│ New Tokens │
│ - new accessToken (JWT) │
│ - new refreshToken (rotated) │
└─────────────────────────────────┘
Features
- ✅ Automatic JWT token acquisition via username/password
- ✅ Cookie-based session management (for refresh tokens)
- ✅ Token validation and expiration checking
- ✅ Support for both HTTP and HTTPS endpoints
- ✅ Configurable timeout and retry logic
- ✅ Clear error messages for debugging
Environment Variables
The skill uses these environment variables (with defaults):
MIKOPBX_API_URL="http://mikopbx-php83.localhost:8081/pbxcore/api/v3" # API base URL
MIKOPBX_LOGIN="admin" # Username
MIKOPBX_PASSWORD="123456789MikoPBX#1" # Password
For HTTPS with self-signed certificates:
MIKOPBX_API_URL="https://localhost:8445/pbxcore/api/v3"
Usage Examples
Example 1: Get Token for API Testing
# Get fresh token
TOKEN=$(bash .claude/skills/auth-token-manager/get-auth-token.sh)
# Use token in API requests
curl -H "Authorization: Bearer $TOKEN" \
http://mikopbx-php83.localhost:8081/pbxcore/api/v3/extensions
Example 2: Custom Credentials
# Override default credentials
export MIKOPBX_LOGIN="custom_admin"
export MIKOPBX_PASSWORD="custom_password"
TOKEN=$(bash .claude/skills/auth-token-manager/get-auth-token.sh)
Example 3: HTTPS with Self-Signed Certificate
# For local development with self-signed cert
export MIKOPBX_API_URL="https://192.168.117.2:8445/pbxcore/api/v3"
TOKEN=$(bash .claude/skills/auth-token-manager/get-auth-token.sh)
Example 4: Debug Mode
# See full request/response
bash .claude/skills/auth-token-manager/get-auth-token.sh --debug
Token Format
Valid JWT tokens have 3 parts separated by dots:
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJ1c2VySWQiOiJhZG1pbiIsInJvbGUiOiJhZG1pbnMiLCJsYW5ndWFnZSI6InJ1IiwiaWF0IjoxNzYwODg4Mjc2LCJleHAiOjE3NjA4ODkxNzYsIm5iZiI6MTc2MDg4ODI3Nn0.SOP3FAXD-O56m7e-l2-aq5rJ02OZB6UtBACbRy4aNKg
Parts:
- Header: Algorithm and token type
- Payload: User ID, role, language, timestamps (iat, exp, nbf)
- Signature: HMAC-SHA256 signature
Common Issues
Issue 1: "Connection refused"
Cause: MikoPBX container not running
Solution: Start container or check MIKOPBX_API_URL
Issue 2: "Invalid credentials"
Cause: Wrong username/password
Solution: Verify MIKOPBX_LOGIN and MIKOPBX_PASSWORD
Issue 3: "SSL certificate problem"
Cause: Self-signed certificate without --insecure Solution: Script automatically handles this for HTTPS URLs
Issue 4: "Token expired"
Cause: Token older than 15 minutes Solution: Get fresh token (this skill does it automatically)
Technical Details
Login Endpoint
POST /pbxcore/api/v3/auth:login
Content-Type: application/x-www-form-urlencoded
login=admin&password=123456789MikoPBX%231&rememberMe=false
Response Format
{
"result": true,
"data": {
"accessToken": "eyJ0eXAiOiJKV1QiLCJh...",
"tokenType": "Bearer",
"expiresIn": 900
},
"messages": {}
}
Security Notes
- HTTPS Recommended: Always use HTTPS in production
- Token Storage: Never commit tokens to git
- Token Lifetime: Tokens expire after 15 minutes
- Refresh Token: Stored in httpOnly cookie (XSS protection)
- Session Management: Each login creates new session
Integration with Other Skills
This skill can be used by:
mikopbx-api-test-generating- Get tokens for pytest testsrest-api-docker-tester- Get tokens for CURL tests- Custom testing scripts
Files
get-auth-token.sh- Main script for token acquisitionSKILL.md- This documentationREADME.md- Quick reference guide
See Also
More by mikopbx
View all →You might also like
flutter-development
aj-geddes
Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.
drawio-diagrams-enhanced
jgtolentino
Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.
godot
bfollington
This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.
nano-banana-pro
garg-aayush
Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.
ui-ux-pro-max
nextlevelbuilder
"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."
rust-coding-skill
UtakataKyosui
Guides Claude in writing idiomatic, efficient, well-structured Rust code using proper data modeling, traits, impl organization, macros, and build-speed best practices.
Stay ahead of the MCP ecosystem
Get weekly updates on new skills and servers.