Can I set performance benchmarks for my auth flows?

Yes, the skill includes Performance SLAs to ensure login and token operations meet specific timing targets like sub-second token validation.

Does it test role-based access control (RBAC)?

Yes, it includes specific capabilities for testing both role-based and permission-based authorization to ensure resources are properly protected.

Is this suitable for CI/CD pipelines?

Absolutely, it is designed to be executed during release workflows to prevent unauthorized access or broken login paths from deploying to production.

What types of authentication does this skill support?

It supports various flows including email/password, OAuth, SSO, and multi-factor authentication (MFA).

What happens if an authentication test fails?

The skill establishes strict criteria where any failure—such as unauthorized access or a failed login—blocks the deployment to maintain security integrity.

Auth Smoke Testing

Name: Auth Smoke Testing
Author: FortiumPartners

byFortiumPartners

Security & Testing

Automates comprehensive authentication and authorization smoke tests to validate login flows, token security, and access control during release cycles.

About

The Auth Smoke Testing skill provides a specialized framework for validating critical security infrastructure within Claude Code workflows. It enables developers to execute rigorous tests on login flows, JWT generation, session persistence, and multi-factor authentication before code reaches production. By integrating predefined performance SLAs and strict pass/fail criteria, this skill ensures that authentication mechanisms remain robust and that protected resources are inaccessible to unauthorized users, effectively preventing security regressions during the deployment process.

Key Features

0 GitHub stars
Tests JWT generation, validation, and refresh token cycles
Verifies role-based and permission-based access controls
Validates complex login flows including OAuth, SSO, and MFA
Monitors session persistence and expiration logic
Benchmarks auth performance against pre-defined SLA targets

Use Cases

Ensuring secure access control for new protected API resources
Pre-deployment smoke testing to prevent authentication regressions
Validating production login stability after infrastructure updates

About

Key Features

0 GitHub stars
Tests JWT generation, validation, and refresh token cycles
Verifies role-based and permission-based access controls
Validates complex login flows including OAuth, SSO, and MFA
Monitors session persistence and expiration logic
Benchmarks auth performance against pre-defined SLA targets

Use Cases

Ensuring secure access control for new protected API resources
Pre-deployment smoke testing to prevent authentication regressions
Validating production login stability after infrastructure updates