一键导入
golem-add-http-auth-rust
Enabling authentication on Rust HTTP endpoints. Use when the user asks to add auth, require authentication, or protect HTTP endpoints.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
菜单
Enabling authentication on Rust HTTP endpoints. Use when the user asks to add auth, require authentication, or protect HTTP endpoints.
用 Codex 或 Claude 帮你安装 复制这段 Prompt,粘贴到 Codex、Claude 或其他助手里,让它检查 Skill 页面并帮你完成安装。
Adding secrets to MoonBit Golem agents. Use when the user asks to add secret values, API keys, or sensitive configuration to a MoonBit agent.
Adding secrets to Rust Golem agents. Use when the user needs to store sensitive configuration such as API keys, passwords, or tokens that should not be checked into source control.
Adding secrets to Scala Golem agents. Use when the user asks to add secret values, API keys, passwords, or sensitive configuration to a Scala Golem agent.
Adding secrets to TypeScript Golem agents. Use when the user asks to add secrets, store API keys, manage sensitive config values, or use Secret<T> in TypeScript agents.
Adding or changing application manifest JSON schema versions and aligning CLI schema references.
Adding or modifying WIT (WebAssembly Interface Types) interfaces. Use when changing .wit files, updating WIT dependencies, or working with component interfaces.
| name | golem-add-http-auth-rust |
| description | Enabling authentication on Rust HTTP endpoints. Use when the user asks to add auth, require authentication, or protect HTTP endpoints. |
Golem supports authentication on HTTP endpoints via OIDC providers. Authentication is enabled in the agent code and configured via security schemes in golem.yaml. Load the golem-configure-api-domain skill for details on setting up security schemes and domain deployments, including when to use subdomain versus domain.
Set auth = true on #[agent_definition] to require authentication for all endpoints:
#[agent_definition(mount = "/secure/{name}", auth = true)]
pub trait SecureAgent {
fn new(name: String) -> Self;
// All endpoints require authentication
}
Set auth = true on specific #[endpoint] attributes:
#[agent_definition(mount = "/api/{name}")]
pub trait ApiAgent {
fn new(name: String) -> Self;
#[endpoint(get = "/public")]
fn public_data(&self) -> String;
#[endpoint(get = "/private", auth = true)]
fn private_data(&self) -> String;
}
Per-endpoint auth overrides the mount-level setting:
#[agent_definition(mount = "/api/{name}", auth = true)]
pub trait MostlySecureAgent {
fn new(name: String) -> Self;
#[endpoint(get = "/health", auth = false)]
fn health(&self) -> String; // No auth required
#[endpoint(get = "/data")]
fn get_data(&self) -> Data; // Auth required (inherited)
}
After enabling auth = true in code, you must configure a security scheme in golem.yaml. Load the golem-configure-api-domain skill for the full details, including when to use subdomain versus domain. Quick reference:
httpApi:
deployments:
local:
- subdomain: my-app # resolves to my-app.localhost:9006 by default
agents:
SecureAgent:
securityScheme: my-oidc # For production OIDC
# or for development:
# SecureAgent:
# testSessionHeaderName: X-Test-Auth