Skill UI

This guide identifies and corrects the most common programming mistakes and anti-patterns when integrating with Adobe APIs. It covers critical topics such as migrating from deprecated JWT to OAuth, implementing token caching, handling asynchronous job polling, and secure file uploads. Essential reading for building robust, production-ready Adobe integrations.

A comprehensive skill for implementing secure, real-time webhook endpoint handling for Canva. This module covers receiving and verifying signed JWT payloads using JWK keys, enabling your application to react instantly to various user interactions (e.g., comments, design sharing, access requests). Ideal for building sophisticated SaaS integrations and automating workflows based on Canva activity.

A deep-dive guide for re-architecting complex enterprise systems within the Adobe ecosystem. This skill covers three major migration patterns: consolidating multiple legacy Adobe APIs into the unified Firefly Services SDK, implementing 'strangler-fig' patterns to replace competitor APIs (e.g., PDFTron, Cloudinary) with native Adobe services, and migrating authentication methods (JWT to OAuth). It provides practical code examples and architectural advice for full platform replatforming.

A comprehensive guide for developers tackling critical Adobe API upgrades. It covers major breaking changes and migration paths, including transitioning from JWT to OAuth Server-to-Server authentication, updating the PDF Services SDK from v3 to v4 (job-based API), and migrating Photoshop endpoints from v1 to v2. Essential for ensuring stable integration with Adobe Creative Cloud services.

A speed-optimized, comprehensive checklist for rapid security assessments. This guide covers full-cycle penetration testing methodologies, including deep reconnaissance (WAF bypass, CDN mapping), access control testing (MFA, JWT, API keys), and session management vulnerabilities. Ideal for time-boxed engagements, CTF competition, or initial service triage.

A comprehensive checklist detailing advanced attack methodologies for JSON Web Tokens (JWT). Covers critical misconfigurations such as algorithm confusion (alg:none, RS256→HS256), weak secret brute forcing, header injection (kid, jku, jwk), cache poisoning, and improper validation. Also provides specific vectors for extracting JWTs from mobile environments (Android/iOS). Ideal for penetration testers conducting deep security assessments on authentication systems.

This bundle generates comprehensive diagnostic logs for troubleshooting OneNote Graph API issues. It captures critical data points—such as the `request-id`, `x-ms-ags-diagnostic` headers, full error bodies, and decoded JWT token claims—for both successful and failed API calls. Use it for self-diagnosis, verifying permissions, or preparing detailed support tickets for Microsoft support.

This skill guides the setup of Continuous Integration and Continuous Deployment (CI/CD) pipelines for Salesforce projects using GitHub Actions. It covers automated metadata deployment, rigorous Apex unit testing, and integration testing, ensuring code quality and stability before every release. Key steps include configuring JWT authentication, setting up GitHub Secrets, and defining multi-stage workflows to validate and deploy changes across environments.

This comprehensive tool facilitates the secure deployment of Node.js applications connected to Salesforce across major cloud environments like Heroku, Vercel, and Google Cloud Run. It manages complex authentication using JWT Bearer flow and handles platform-specific secret configuration, ensuring seamless migration of Salesforce-powered applications from sandbox to production.

This comprehensive skill guides users through installing and configuring the necessary SDKs (jsforce, simple-salesforce) to connect programmatically to Salesforce. It thoroughly covers multiple industry-standard OAuth 2.0 flows, including Username-Password, JWT Bearer, and Web Server flow. This is essential for setting up secure, robust integrations in new projects, CI/CD pipelines, or user-facing applications requiring access to Salesforce data.

This guide details how to integrate Auth0 as an external Identity Provider (IDP) for Webiny, replacing the default Cognito authentication. It involves creating an API config class to map Auth0's JWT claims to Webiny identities and implementing a React extension component. Users must set environment variables (AUTH0_ISSUER, AUTH0_CLIENT_ID) and register the necessary extensions for successful OIDC authentication flow.

This skill guides developers on integrating Okta as an external Identity Provider (IDP) for Webiny. It replaces default authentication methods (like Cognito) by utilizing the OpenID Connect (OIDC) standard. The process involves setting up an API configuration class to map Okta's JWT claims to Webiny identities, and creating a React extension component to wire the issuer URL, client ID, and configuration path, enabling seamless Single Sign-On (SSO) using Okta.