How do I troubleshoot a 401 Unauthorized error?

The skill provides a debugging checklist to verify token expiration, cookie format, JWT secrets in config.ini, and Keycloak service status.

Does this skill support file uploads?

Yes, it provides specific curl patterns for testing multipart/form-data file uploads with proper authentication headers.

What is the recommended way to test routes with this skill?

The recommended method is using the test-auth-route.js script, which handles Keycloak login, JWT signing, and cookie injection automatically.

Can I test routes without a running Keycloak instance?

Yes, you can use the Mock Authentication method by enabling MOCK_AUTH in your development environment to bypass Keycloak entirely.

Can I verify database changes after a route test?

Yes, the skill includes patterns for connecting to MySQL via Docker to verify that route actions correctly updated the database.

Authenticated Route Tester

Name: Authenticated Route Tester
Author: Activer007

byActiver007

Security & Testing

Tests and validates authenticated API endpoints using cookie-based JWT and Keycloak authentication patterns.

About

The Route Tester skill provides a comprehensive framework for testing protected API routes within a microservices architecture. It simplifies the complexity of Keycloak authentication by providing automated patterns for generating signed JWT tokens and injecting them into cookie-based requests. Whether you are validating new workflow endpoints, debugging authorization issues, or performing form submission tests, this skill offers both automated script-based approaches and manual curl patterns to ensure your services are secure and functional across development and test environments.

Key Features

Mock authentication support for rapid local development
Automated Keycloak JWT token generation and cookie signing
Comprehensive patterns for GET, POST, and file upload testing
Integration with database verification for data integrity checks
0 GitHub stars
Port mapping and route prefix management for multi-service environments
Detailed troubleshooting guide for common HTTP status codes (401, 403, 500)

Use Cases

Testing protected API endpoints during the development of new features
Debugging authentication failures and JWT signature mismatches in microservices
Verifying complex workflow transitions and database side-effects after state changes

About

Key Features

Mock authentication support for rapid local development
Automated Keycloak JWT token generation and cookie signing
Comprehensive patterns for GET, POST, and file upload testing
Integration with database verification for data integrity checks
0 GitHub stars
Port mapping and route prefix management for multi-service environments
Detailed troubleshooting guide for common HTTP status codes (401, 403, 500)

Use Cases

Testing protected API endpoints during the development of new features
Debugging authentication failures and JWT signature mismatches in microservices
Verifying complex workflow transitions and database side-effects after state changes