cyberneticlibrary

Secure cloud identity and auth flows

cloud-identity-and-auth · skill · setup · L164
Tibsfox/gsd-skill-creator
What it does

Design secure multi-tenant cloud IAM and token systems

Best for

Building cloud platforms with federated identity, zero over-privilege, and auditability.

Inputs
  • User principals, scopes, roles, resource ACLs, token requirements
Outputs
  • Token design, policy engine spec, federation architecture, least-privilege roles
Preconditions
  • Distinguish authn/authz/audit cleanly
  • Understand OAuth 2.0 and OIDC
  • Know JWT pitfalls
Failure modes
  • JWT accepted with alg:none
  • Algorithm confusion (RSA public key accepted as an HMAC secret)
  • Long-lived tokens without revocation
  • Storing sensitive data in the JWT payload
Trust signals
  • Tibsfox, stable 2026-04-12
  • Covers Keystone, OAuth 2.0, OIDC, SAML, mTLS, SPIFFE
  • Service-catalog pattern + admin/internal/public endpoints