Sign In With Vercel

Name: Sign In With Vercel
Author: vercel-labs

vercel-labs/vercel-plugin

Implement user login using Vercel as the OAuth 2.0/OIDC identity provider in App Router or Pages auth routes.

Overview

sign-in-with-vercel is an agent skill for the Build phase that implements user login with Vercel as the OAuth 2.0/OIDC identity provider.

Install

npx skills add https://github.com/vercel-labs/vercel-plugin --skill sign-in-with-vercel

What is this skill?

OAuth 2.0 and OIDC patterns for Sign in with Vercel as the identity provider
Path-aware retrieval for app/api/auth, login, and pages/api/auth layouts
Chains to auth skill when NextAuth or Auth.js is detected for middleware and provider setup
Chains to env-vars skill when VERCEL_CLIENT_ID or VERCEL_CLIENT_SECRET appear for secure env management

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Adoption & trust: 38 installs on skills.sh; 187 GitHub stars; 3/3 security scanners passed (skills.sh audits).

What problem does it solve?

You need Vercel-account login in your app but are unsure how to configure OAuth routes, providers, and secrets correctly on Vercel.

Who is it for?

Solo builders on Vercel deploying Next.js apps who want Sign in with Vercel instead of bolting on an unrelated IdP first.

Skip if: Projects already fully on Clerk or Descope with no Vercel OAuth intent, or apps that do not need user authentication at all.

When should I use this skill?

Implementing user login with Vercel as the identity provider or when OAuth/OIDC Sign in with Vercel patterns apply.

What do I get? / Deliverables

You get doc-aligned OAuth/OIDC setup for Sign in with Vercel, with chained auth and env-vars guidance when NextAuth or client secrets are in play.

Configured Sign in with Vercel OAuth/OIDC flow
Aligned env var handling for VERCEL_CLIENT_ID and VERCEL_CLIENT_SECRET

Recommended Skills

Entra App Registrationmicrosoft/azure-skills

Walkthrough for Microsoft Entra ID app registration, OAuth configuration, and MSAL-based authentication setup.374k installs·1.2k stars

Azure Aigatewaymicrosoft/azure-skills

Quick reference for building and operating Azure API Management as an AI gateway using ARM .NET SDK and policy best prac…373k installs·1.2k stars

Lark Openapi Explorerlarksuite/cli

Escalation path for uncovered Lark/Feishu APIs: browse official OpenAPI docs and execute via lark-cli.208k installs·13.7k stars

Supabasesupabase/agent-skills

Authoritative Supabase agent skill for database, auth, edge functions, and client SSR with emphasis on up-to-date docs, …111k installs·2.2k stars

Firebase Auth Basicsfirebase/agent-skills

firebase-auth-basics is a guided agent skill for solo builders implementing Firebase Authentication in web or mobile-bac…75.7k installs·345 stars

Firebase Data Connectfirebase/agent-skills

Firebase Data Connect is an agent skill that equips solo builders to design relational data layers on Firebase using Gra…73.2k installs·345 stars

Journey fit

Primary fit

BuildBackend, data & payments

Authentication against Vercel’s identity provider is wired during product build when API and login routes are created. The skill targets app/api/auth and login paths, client credentials, and provider configuration—backend identity integration, not marketing or SEO.

Also useful

ShipSecurity

How it compares

Vercel-hosted OAuth identity guidance for your app routes—not a generic password-auth checklist or an MCP server.

Common Questions / FAQ

Who is sign-in-with-vercel for?

Indie developers implementing login on Vercel-hosted Next.js apps who want OAuth 2.0/OIDC through Sign in with Vercel.

When should I use sign-in-with-vercel?

In Build while creating app/api/auth or login routes, configuring the Vercel identity provider, or aligning NextAuth with Vercel OAuth env vars.

Is sign-in-with-vercel safe to install?

OAuth skills touch secrets and auth flows—review the Security Audits panel on this page and never commit VERCEL_CLIENT_SECRET to the repo.

Workflow Chain

Then invoke: auth, env vars

SKILL.md

READMESKILL.md - Sign In With Vercel

# Sign in with Vercel

You are an expert in Sign in with Vercel — Vercel's OAuth 2.0 / OpenID Connect identity provider.

## What It Is

Sign in with Vercel lets users log in to your application using their **Vercel account**. Your app does not need to handle passwords, create accounts, or manage user sessions — Vercel acts as the identity provider (IdP).

## OAuth 2.0 Authorization Code Flow

```
1. User clicks "Sign in with Vercel"
2. Redirect to Vercel authorization URL
3. User grants consent on Vercel's consent page
4. Vercel redirects back with authorization code
5. Exchange code for tokens (ID Token + Access Token + Refresh Token)
```

## Tokens

| Token | Lifetime | Purpose |
|-------|----------|---------|
| **ID Token** | Signed JWT | Proves user identity (name, email, avatar) |
| **Access Token** | 1 hour | Bearer token for Vercel REST API calls |
| **Refresh Token** | 30 days | Silent re-authentication (rotates on use) |

## Configuration

1. Register your app at `https://vercel.com/dashboard/{team}/integrations/console` (the Integrations Console). Click **Create Integration** → fill in the OAuth details → note the Client ID and Client Secret.
2. Configure redirect URIs and scopes
3. Use any standard OAuth 2.0 client library (no Vercel-specific SDK required)

## When to Use

- Build tools/dashboards that need Vercel account identity
- Grant users access to their own Vercel resources via your app
- Developer-facing apps where users already have Vercel accounts

## When NOT to Use

- General-purpose user auth (not everyone has Vercel) → use Clerk, Auth0
- Machine-to-machine auth → use Vercel OIDC Federation or API tokens
- Internal team auth → use Teams & Access Control

## References

- 📖 docs: https://vercel.com/docs/sign-in-with-vercel

What is this skill?

OAuth 2.0 and OIDC patterns for Sign in with Vercel as the identity provider

Path-aware retrieval for app/api/auth, login, and pages/api/auth layouts

Chains to auth skill when NextAuth or Auth.js is detected for middleware and provider setup

Chains to env-vars skill when VERCEL_CLIENT_ID or VERCEL_CLIENT_SECRET appear for secure env management

Compatible agents: Claude Code, Cursor, Codex, Windsurf

Adoption & trust: 38 installs on skills.sh; 187 GitHub stars; 3/3 security scanners passed (skills.sh audits).

Journey fit

Primary fit

BuildBackend, data & payments

Also useful

ShipSecurity

SKILL.md

READMESKILL.md - Sign In With Vercel

# Sign in with Vercel

You are an expert in Sign in with Vercel — Vercel's OAuth 2.0 / OpenID Connect identity provider.

## What It Is

Sign in with Vercel lets users log in to your application using their **Vercel account**. Your app does not need to handle passwords, create accounts, or manage user sessions — Vercel acts as the identity provider (IdP).

## OAuth 2.0 Authorization Code Flow

```
1. User clicks "Sign in with Vercel"
2. Redirect to Vercel authorization URL
3. User grants consent on Vercel's consent page
4. Vercel redirects back with authorization code
5. Exchange code for tokens (ID Token + Access Token + Refresh Token)
```

## Tokens

| Token | Lifetime | Purpose |
|-------|----------|---------|
| **ID Token** | Signed JWT | Proves user identity (name, email, avatar) |
| **Access Token** | 1 hour | Bearer token for Vercel REST API calls |
| **Refresh Token** | 30 days | Silent re-authentication (rotates on use) |

## Configuration

1. Register your app at `https://vercel.com/dashboard/{team}/integrations/console` (the Integrations Console). Click **Create Integration** → fill in the OAuth details → note the Client ID and Client Secret.
2. Configure redirect URIs and scopes
3. Use any standard OAuth 2.0 client library (no Vercel-specific SDK required)

## When to Use

- Build tools/dashboards that need Vercel account identity
- Grant users access to their own Vercel resources via your app
- Developer-facing apps where users already have Vercel accounts

## When NOT to Use

- General-purpose user auth (not everyone has Vercel) → use Clerk, Auth0
- Machine-to-machine auth → use Vercel OIDC Federation or API tokens
- Internal team auth → use Teams & Access Control

## References

- 📖 docs: https://vercel.com/docs/sign-in-with-vercel

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is sign-in-with-vercel for?

When should I use sign-in-with-vercel?

Is sign-in-with-vercel safe to install?

SKILL.md

This week for builders

Overview

Install

What is this skill?

What problem does it solve?

Who is it for?

When should I use this skill?

What do I get? / Deliverables

Recommended Skills

Journey fit

Who is sign-in-with-vercel for?

When should I use sign-in-with-vercel?

Is sign-in-with-vercel safe to install?

SKILL.md