MCP.directory

auth-tool-cloudbase

by TencentCloudBase
2
0
Source

Use CloudBase Auth tool to configure and manage authentication providers for web applications - enable/disable login methods (SMS, Email, WeChat Open Platform, Google, Anonymous, Username/password, OAuth, SAML, CAS, Dingding, etc.) and configure provider settings via MCP tools `callCloudApi`.

Install

mkdir -p .claude/skills/auth-tool-cloudbase && curl -L -o skill.zip "https://mcp.directory/api/skills/download/4146" && unzip -o skill.zip -d .claude/skills/auth-tool-cloudbase && rm skill.zip

Installs to .claude/skills/auth-tool-cloudbase

About this skill

Activation Contract

Use this first when

  • The user mentions login, registration, authentication, provider setup, SMS, email, anonymous login, or third-party login.
  • A Web, native App, or backend flow needs CloudBase auth configuration before implementation.
  • For any CloudBase Web auth flow, activate this skill before auth-web.

Read before writing code if

  • The request includes any auth UI or auth API work. Provider status must be checked first.
  • When the task is a Web auth flow, read auth-web after this skill and before writing frontend code.

Then also read

  • Web auth UI -> ../auth-web/SKILL.md
  • Mini program auth -> ../auth-wechat/SKILL.md
  • Native App / raw HTTP -> ../http-api/SKILL.md

Do NOT use this as

  • A replacement for platform implementation rules. This skill configures providers; it does not define the full frontend or client integration path.

Common mistakes / gotchas

  • Writing login UI before enabling the required provider.
  • Implementing Web login in cloud functions.
  • Routing native App auth to Web SDK flows.

Minimal checklist

Overview

Configure CloudBase authentication providers: Anonymous, Username/Password, SMS, Email, WeChat, Google, and more.

Prerequisites: CloudBase environment ID (env)

Authentication Scenarios

1. Get Login Config

Use the official login-config API. Do not use lowcode/DescribeLoginStrategy or lowcode/ModifyLoginStrategy as the default path.

Query current login configuration:

{
    "params": { "EnvId": `env` },
    "service": "tcb",
    "action": "DescribeLoginConfig"
}

The response contains fields such as:

  • AnonymousLogin
  • UserNameLogin
  • PhoneNumberLogin
  • EmailLogin
  • SmsVerificationConfig
  • MfaConfig
  • PwdUpdateStrategy

Parameter mapping for downstream Web auth code:

  • PhoneNumberLogin controls phone OTP flows used by auth-web auth.signInWithOtp({ phone }) and auth.signUp({ phone })
  • EmailLogin controls email OTP flows used by auth-web auth.signInWithOtp({ email }) and auth.signUp({ email })
  • UserNameLogin controls password login flows used by auth-web auth.signInWithPassword({ username, password })
  • SmsVerificationConfig.Type = "apis" requires both Name and Method
  • EnvId is always the CloudBase environment ID, not the publishable key

Before calling ModifyLoginConfig, rebuild the payload from writable keys only. Do not spread the full response object back into the request.

const WritableLoginConfig = {
    "PhoneNumberLogin": LoginConfig.PhoneNumberLogin,
    "EmailLogin": LoginConfig.EmailLogin,
    "UserNameLogin": LoginConfig.UserNameLogin,
    "AnonymousLogin": LoginConfig.AnonymousLogin,
    ...(LoginConfig.SmsVerificationConfig ? { "SmsVerificationConfig": LoginConfig.SmsVerificationConfig } : {}),
    ...(LoginConfig.MfaConfig ? { "MfaConfig": LoginConfig.MfaConfig } : {}),
    ...(LoginConfig.PwdUpdateStrategy ? { "PwdUpdateStrategy": LoginConfig.PwdUpdateStrategy } : {})
}

2. Anonymous Login

  1. Get LoginConfig (see Scenario 1)
  2. Set LoginConfig.AnonymousLogin = true (on) or false (off)
  3. Update:
{
    "params": { "EnvId": `env`, ...WritableLoginConfig, "AnonymousLogin": true },
    "service": "tcb",
    "action": "ModifyLoginConfig"
}

3. Username/Password Login

  1. Get LoginConfig (see Scenario 1)
  2. Set LoginConfig.UserNameLogin = true (on) or false (off)
  3. Update:
{
    "params": { "EnvId": `env`, ...WritableLoginConfig, "UserNameLogin": true },
    "service": "tcb",
    "action": "ModifyLoginConfig"
}

4. SMS Login

  1. Get LoginConfig (see Scenario 1)
  2. Modify:
    • Turn on: LoginConfig.PhoneNumberLogin = true
    • Turn off: LoginConfig.PhoneNumberLogin = false
    • Config (optional): 
      LoginConfig.SmsVerificationConfig = {
    Type: 'default',      // 'default' or 'apis'
    Name: 'method_53978f9f96a35', // required when Type = 'apis'
    Method: 'SendVerificationCode',
    SmsDayLimit: 30       // -1 = unlimited
}
  3. Update:
{
    "params": {
        "EnvId": `env`,
        ...WritableLoginConfig,
        "PhoneNumberLogin": true,
        "SmsVerificationConfig": {
            "Type": "default",
            "SmsDayLimit": 30
        }
    },
    "service": "tcb",
    "action": "ModifyLoginConfig"
}

Use custom apis to send SMS:

{
    "params": {
        "EnvId": `env`,
        ...WritableLoginConfig,
        "PhoneNumberLogin": true,
        "SmsVerificationConfig": {
            "Type": "apis",
            "Name": "method_53978f9f96a35",
            "Method": "SendVerificationCode",
            "SmsDayLimit": 20
        }
    },
    "service": "tcb",
    "action": "ModifyLoginConfig"
}

5. Email Login

Email has two layers of configuration:

  • ModifyLoginConfig.EmailLogin: controls whether email/password login is enabled
  • ModifyProvider(Id="email"): controls the email sender channel and SMTP configuration
  • In Web auth code, this maps to auth.signInWithOtp({ email }) and auth.signUp({ email })

Turn on email/password login:

{
    "params": { "EnvId": `env`, ...WritableLoginConfig, "EmailLogin": true },
    "service": "tcb",
    "action": "ModifyLoginConfig"
}

Turn off email/password login:

{
    "params": { "EnvId": `env`, ...WritableLoginConfig, "EmailLogin": false },
    "service": "tcb",
    "action": "ModifyLoginConfig"
}

Configure email provider (Tencent Cloud email):

{
    "params": {
        "EnvId": `env`,
        "Id": "email",
        "On": "TRUE",
        "EmailConfig": { "On": "TRUE", "SmtpConfig": {} }
    },
    "service": "tcb",
    "action": "ModifyProvider"
}

Disable email provider:

{
    "params": { "EnvId": `env`, "Id": "email", "On": "FALSE" },
    "service": "tcb",
    "action": "ModifyProvider"
}

Configure email provider (custom SMTP):

{
    "params": {
        "EnvId": `env`,
        "Id": "email",
        "On": "TRUE",
        "EmailConfig": {
            "On": "FALSE",
            "SmtpConfig": {
                "AccountPassword": "password",
                "AccountUsername": "username",
                "SecurityMode": "SSL",
                "SenderAddress": "sender@example.com",
                "ServerHost": "smtp.qq.com",
                "ServerPort": 465
            }
        }
    },
    "service": "tcb",
    "action": "ModifyProvider"
}

6. WeChat Login

  1. Get WeChat config:
{
    "params": { "EnvId": `env` },
    "service": "tcb",
    "action": "GetProviders"
}

Filter by Id == "wx_open", save as WeChatProvider.

  1. Get credentials from WeChat Open Platform:

    • AppID
    • AppSecret

  2. Update:

{
    "params": {
        "EnvId": `env`,
        "Id": "wx_open",
        "On": "TRUE",  // "FALSE" to disable
        "Config": {
            ...WeChatProvider.Config,
            ClientId: `AppID`,
            ClientSecret: `AppSecret`
        }
    },
    "service": "tcb",
    "action": "ModifyProvider"
}

7. Google Login

  1. Get redirect URI:
{
    "params": { "EnvId": `env` },
    "service": "lowcode",
    "action": "DescribeStaticDomain"
}

Save result.Data.StaticDomain as staticDomain.

  1. Configure at Google Cloud Console:

    • Create OAuth 2.0 Client ID
    • Set redirect URI: https://{staticDomain}/__auth/
    • Get Client ID and Client Secret

  2. Enable:

{
    "params": {
        "EnvId": `env`,
        "ProviderType": "OAUTH",
        "Id": "google",
        "On": "TRUE",  // "FALSE" to disable
        "Name": { "Message": "Google" },
        "Description": { "Message": "" },
        "Config": {
            "ClientId": `Client ID`,
            "ClientSecret": `Client Secret`,
            "Scope": "email openid profile",
            "AuthorizationEndpoint": "https://accounts.google.com/o/oauth2/v2/auth",
            "TokenEndpoint": "https://oauth2.googleapis.com/token",
            "UserinfoEndpoint": "https://www.googleapis.com/oauth2/v3/userinfo",
            "TokenEndpointAuthMethod": "CLIENT_SECRET_BASIC",
            "RequestParametersMap": {
                "RegisterUserSyncScope": "syncEveryLogin",
                "IsGoogle": "TRUE"
            }
        },
        "Picture": "https://qcloudimg.tencent-cloud.cn/raw/f9131c00dcbcbccd5899a449d68da3ba.png",
        "TransparentMode": "FALSE",
        "ReuseUserId": "TRUE",
        "AutoSignUpWithProviderUser": "TRUE"
    },
    "service": "tcb",
    "action": "ModifyProvider"
}

8. Client Configuration Boundary

Use client APIs for client metadata and token/session settings. Do not use them as a replacement for login strategy or provider management.

Query client config:

{
    "params": { "EnvId": `env`, "Id": `env` },
    "service": "tcb",
    "action": "DescribeClient"
}

Update client config:

{
    "params": {
        "EnvId": `env`,
        "Id": `env`,
        "AccessTokenExpiresIn": 7200,
        "RefreshTokenExpiresIn": 2592000,
        "MaxDevice": 3
    },
    "service": "tcb",
    "action": "ModifyClient"
}

9. Get Publishable Key

Query existing key:

{
    "params": { "EnvId": `env`, "KeyType": "publish_key", "PageNumber": 1, "PageSize": 10 },
    "service": "lowcode",
    "action": "DescribeApiKeyTokens"
}

Return PublishableKey.ApiKey if exists (filter by Name == "publish_key").

Create new key (if not exists):

{
    "params": { "EnvId": `env`, "KeyType": "publish_key", "KeyName": "publish_key" },
    "service": "lowcode",
    "action": "CreateApiKeyToken"
}

If creation fails, direct user to: "https:/

Content truncated.

More by TencentCloudBase

View all skills by TencentCloudBase

spec-workflow

TencentCloudBase

Standard software engineering workflow for requirement analysis, technical design, and task planning. Use this skill when developing new features, complex architecture designs, multi-module integrations, or projects involving database/UI design.

773

auth-web-cloudbase

TencentCloudBase

CloudBase Web Authentication Quick Guide - Provides concise and practical Web frontend authentication solutions with multiple login methods and complete user management.

30

ai-model-nodejs

TencentCloudBase

Use this skill when developing Node.js backend services or CloudBase cloud functions (Express/Koa/NestJS, serverless, backend APIs) that need AI capabilities. Features text generation (generateText), streaming (streamText), AND image generation (generateImage) via @cloudbase/node-sdk ≥3.16.0. Built-in models include Hunyuan (hunyuan-2.0-instruct-20251111 recommended), DeepSeek (deepseek-v3.2 recommended), and hunyuan-image for images. This is the ONLY SDK that supports image generation. NOT for browser/Web apps (use ai-model-web) or WeChat Mini Program (use ai-model-wechat).

00

cloud-functions

TencentCloudBase

Complete guide for CloudBase cloud functions development - runtime selection, deployment, logging, invocation, and HTTP access configuration.

00

auth-wechat-miniprogram

TencentCloudBase

Complete guide for WeChat Mini Program authentication with CloudBase - native login, user identity, and cloud function integration.

00

data-model-creation

TencentCloudBase

Optional advanced tool for complex data modeling. For simple table creation, use relational-database-tool directly with SQL statements.

00

You might also like

flutter-development

aj-geddes

Build beautiful cross-platform mobile apps with Flutter and Dart. Covers widgets, state management with Provider/BLoC, navigation, API integration, and material design.

641968

drawio-diagrams-enhanced

jgtolentino

Create professional draw.io (diagrams.net) diagrams in XML format (.drawio files) with integrated PMP/PMBOK methodologies, extensive visual asset libraries, and industry-standard professional templates. Use this skill when users ask to create flowcharts, swimlane diagrams, cross-functional flowcharts, org charts, network diagrams, UML diagrams, BPMN, project management diagrams (WBS, Gantt, PERT, RACI), risk matrices, stakeholder maps, or any other visual diagram in draw.io format. This skill includes access to custom shape libraries for icons, clipart, and professional symbols.

590705

godot

bfollington

This skill should be used when working on Godot Engine projects. It provides specialized knowledge of Godot's file formats (.gd, .tscn, .tres), architecture patterns (component-based, signal-driven, resource-based), common pitfalls, validation tools, code templates, and CLI workflows. The `godot` command is available for running the game, validating scripts, importing resources, and exporting builds. Use this skill for tasks involving Godot game development, debugging scene/resource files, implementing game systems, or creating new Godot components.

339397

ui-ux-pro-max

nextlevelbuilder

"UI/UX design intelligence. 50 styles, 21 palettes, 50 font pairings, 20 charts, 8 stacks (React, Next.js, Vue, Svelte, SwiftUI, React Native, Flutter, Tailwind). Actions: plan, build, create, design, implement, review, fix, improve, optimize, enhance, refactor, check UI/UX code. Projects: website, landing page, dashboard, admin panel, e-commerce, SaaS, portfolio, blog, mobile app, .html, .tsx, .vue, .svelte. Elements: button, modal, navbar, sidebar, card, table, form, chart. Styles: glassmorphism, claymorphism, minimalism, brutalism, neumorphism, bento grid, dark mode, responsive, skeuomorphism, flat design. Topics: color palette, accessibility, animation, layout, typography, font pairing, spacing, hover, shadow, gradient."

318395

nano-banana-pro

garg-aayush

Generate and edit images using Google's Nano Banana Pro (Gemini 3 Pro Image) API. Use when the user asks to generate, create, edit, modify, change, alter, or update images. Also use when user references an existing image file and asks to modify it in any way (e.g., "modify this image", "change the background", "replace X with Y"). Supports both text-to-image generation and image-to-image editing with configurable resolution (1K default, 2K, or 4K for high resolution). DO NOT read the image file first - use this skill directly with the --input-image parameter.

450339

fastapi-templates

wshobson

Create production-ready FastAPI projects with async patterns, dependency injection, and comprehensive error handling. Use when building new FastAPI applications or setting up backend API projects.

304231

Related MCP Servers

Browse all servers
PicaPica

Pica is automated workflow software for business process automation, integrating actions across services via a unified i

100 tools
Hellō AdminHellō Admin

Manage and secure Hellō authentication apps with Hellō Admin — create, configure, and monitor user authentication quickl

41 tools
ClerkClerk

Securely manage Clerk authentication, users, sessions, orgs, and authorization for seamless identity and access control.

1,6736 tools
Tencent CloudBaseTencent CloudBase

Deploy, monitor, and manage cloud based DBMS and cloud database management tasks on Tencent CloudBase with AI-powered to

9700 tools
Tencent CloudBaseTencent CloudBase

Deploy, monitor, and manage full-stack apps on Tencent CloudBase—tools for cloud environments, databases, functions, hos

97038 tools
Google SheetsGoogle Sheets

Integrate with Google Sheets and Google Drive to manage spreadsheets easily using the Google Sheets API and advanced aut

7260 tools

Stay ahead of the MCP ecosystem

Get weekly updates on new skills and servers.