Search skills.../

Production Readiness Scalekit | Skills Pool

Skill File

Production Readiness Scalekit

Walks through a structured production readiness checklist for Scalekit SSO implementations. Use when the user says they are going live, launching to production, doing a pre-launch review, hardening their SSO setup, or wants to verify their Scalekit implementation is production-ready.

scalekit-inc0 starsMar 2, 2026

Occupation
Categories: E-commerce

Skill Content

Scalekit SSO Production Readiness

Work through each section in order — earlier sections are blockers for later ones.

Quick checks (run first)

Production environment URL, client ID, and client secret are set (not dev/staging values)
HTTPS enforced on all auth endpoints
CORS restricted to your domains only
API credentials stored in environment variables — never committed to code

Customization

Login page branded with logo, colors, styling
Email templates customized (sign-up, password reset, invitations)

Related Skills

Quick Install

Production Readiness Scalekit

npx skills add scalekit-inc/claude-code-authstack

Download Skill Open repository

Author: scalekit-inc
stars: 0
Updated: Mar 2, 2026
Occupation

On this page

01Scalekit SSO Production Readiness

Custom domain configured for auth pages (if applicable)

Email provider configured in Dashboard > Customization > Emails

Email deliverability tested — check spam folders

Webhooks configured with signature validation

Core auth flows

Test login initiation with authorization URL
Validate redirect URLs match dashboard configuration exactly
Test authentication completion and code exchange
Validate state parameter in callbacks (CSRF protection)
Verify session token storage uses httpOnly, secure, and sameSite flags
Test session timeout and automatic token refresh
Verify logout clears sessions completely
Expired tokens handled gracefully
Network failures show user-friendly messages

SSO flows

Test SSO with target IdPs: Okta, Azure AD, Google Workspace → IT admin setup guides per IdP: https://docs.scalekit.com/guides/integrations/sso-integrations/
Configure user attribute mapping (email, name, groups)
Test both SP-initiated and IdP-initiated SSO flows
Verify SSO error handling for misconfigured connections
Test SSO with: new users, existing users, deactivated users

JIT provisioning:

Register all organization domains for JIT provisioning
Configure consistent user identifiers across SSO connections (email or userPrincipalName)
Set default roles for JIT-provisioned users
Enable "Sync user attributes during login"
Plan manual invitation process for contractors/external users with non-matching domains
Set up review process for automatically provisioned users

Admin portal:

Configure admin portal access for enterprise customers
Test admin portal SSO configuration flows
Verify user management features in admin portal

Organization management

Test organization creation
Test adding and removing users from organizations
Set allowed email domains for org sign-ups (if applicable)
Verify organization switching for users in multiple orgs
Test invitation flow and email templates

Network and firewall

Enterprise customers behind VPN or corporate firewall must whitelist:

Domain	Purpose
`<your-env>.scalekit.com`	Auth + admin portal
`cdn.scalekit.com`	Static assets
`fonts.googleapis.com`	Font resources

Customer firewalls allow Scalekit domains
SSO tested from customer's network environment

Monitoring and incident readiness

Auth logs monitoring configured in Dashboard > Auth Logs
Alerts set for suspicious activity (multiple failed logins, unusual locations)
Webhook event monitoring and logging active
Error tracking configured for authentication failures
Log retention policies configured
Webhook delivery and retry mechanism tested
Incident response runbook written (who to contact, how to roll back, escalation path)
Rollback plan ready (feature flag to disable SSO flows if needed)

Key metrics:

Login success/failure rates
SSO initiation vs completion rate
Session creation and duration
Webhook delivery success rate

02Quick checks (run first)

03Customization

04Core auth flows

06Organization management

07Network and firewall

08Monitoring and incident readiness

Software Developers

Ordercli

Foodora-only CLI for checking past orders and active order status (Deliveroo WIP).

Deployment Patterns

Deployment iş akışları, CI/CD pipeline kalıpları, Docker konteynerizasyonu, sağlık kontrolleri, rollback stratejileri ve web uygulamaları için üretim hazırlığı kontrol listeleri.

Junta Leiloeiros

Coleta e consulta dados de leiloeiros oficiais de todas as 27 Juntas Comerciais do Brasil. Scraper multi-UF, banco SQLite, API FastAPI e exportacao CSV/JSON.

Persona Sales Ops

Manage sales workflows — track deals, schedule calls, client comms.

googleworkspace25.0k

Eliza App Development

Use when building or changing an elizaOS-based application in this repository. Covers eliza app architecture, monorepo layout, local versus remote versus cloud routing, where to edit features, and non-negotiable runtime constraints. Eliza is the product name of this particular eliza app checkout.

Ordercli

Foodora-only CLI for checking past orders and active order status (Deliveroo WIP). Use when the user asks to check food delivery orders, track a Foodora delivery, view order history, reorder a meal, look up past food orders, check delivery status, or manage Foodora sessions and authentication.

Software Developers