Set up authentication, identity mapping, and access control in Convex apps.
Copy the install command and let the AI configure it · recommended for beginners
Please install the "convex-setup-auth" skill from askskill: 1. Download https://raw.githubusercontent.com/openclaw/clawhub/main/.agents/skills/convex-setup-auth/SKILL.md 2. Save it as ~/.claude/skills/convex-setup-auth/SKILL.md 3. Reload skills and tell me it's ready
Set up authentication for my Convex app with GitHub and Google login, create a users table, and automatically store user profiles on first sign-in.
Provides an auth setup plan, users table schema, and implementation steps for creating user records on first sign-in.
Help me restrict some Convex queries and mutations so only authenticated users can call them, with clear errors for unauthenticated requests.
Outputs an authorization approach for protected functions and access control logic for authenticated versus unauthenticated requests.
Design three roles for my Convex app—admin, editor, and regular user—and implement role-based access control rules.
Gives a role model, permission mapping plan, and implementation guidance for enforcing role checks in functions.
Implement secure authentication in Convex with user management and access control.
Convex supports multiple authentication approaches. Do not assume a provider.
Before writing setup code:
Common options:
Look for signals in the repo before asking:
@clerk/*, @workos-inc/*, @auth0/*, or Convex Auth
packagesconvex/auth.config.ts, auth middleware, provider
wrappers, or login componentsRead the provider's official guide and the matching local reference file:
references/convex-auth.mdreferences/clerk.mdreferences/workos-authkit.mdreferences/auth0.mdThe local reference files contain the concrete workflow, expected files and env vars, gotchas, and validation checks.
Use those sources for:
convex/auth.config.ts setupFor shared auth behavior, use the official Convex docs as the source of truth:
ctx.auth.getUserIdentity()Prefer official docs over recalled steps, because provider CLIs and Convex Auth
internals change between versions. Inventing setup from memory risks outdated
patterns. For third-party providers, only add app-level user storage if the app
actually needs user documents in Convex. Not every app needs a users table.
For Convex Auth, follow the Convex Auth docs and built-in auth tables rather
than adding a parallel users table plus storeUser flow, because Convex Auth
already manages user records internally. After running provider initialization
commands, verify generated files and complete the post-init wiring steps the
…
Helps users choose the right Convex skill for vague app tasks.
Plan Convex schema and data migrations for safe, zero-downtime rollouts.
Audit Convex performance issues across reads, subscriptions, writes, and function limits.
Perform ClawHub moderation actions like bans, role changes, and status checks.
Build reusable Convex components with isolated tables and app-facing backend APIs.
Set up Convex in a new or existing app quickly.
Set up authentication, authorization, and identity providers for Power Pages sites.
Build production-ready Convex apps with reusable agent skills and templates.
Manage authentik users and groups via API for provisioning and access tasks.
Deploy Python functions as authenticated MCP connectors with OAuth and isolated environments.
Authenticate users with Auth0 and call protected APIs on their behalf.
Auto-generate authenticated CRUD operations for database models defined in ZenStack.