Skip to content

_agentkit-codex.mdx

Latest commit

 

History

History
57 lines (36 loc) · 3.53 KB

_agentkit-codex.mdx

File metadata and controls

57 lines (36 loc) · 3.53 KB

import { Steps, Aside } from '@astrojs/starlight/components'

1. ## Install the Scalekit Auth Stack marketplace

Install Scalekit's Codex-native marketplace to access focused authentication plugins and reusable implementation guidance.

Run the bootstrap installer:

curl -fsSL https://raw.githubusercontent.com/scalekit-inc/codex-authstack/main/install.sh | bash

This installer downloads the marketplace from GitHub, installs it into ~/.codex/marketplaces/scalekit-auth-stack, and only updates ~/.agents/plugins/marketplace.json when it is safe to do so.

The installer avoids overwriting another personal marketplace by default. If it skips that file, follow the installer's manual path and select the marketplace from `~/.codex/marketplaces/scalekit-auth-stack/.agents/plugins/marketplace.json`.

  1. Enable the AgentKit plugin

    Restart Codex so it reloads installed marketplaces, then open the Plugin Directory and select Scalekit Auth Stack.

    Install the agentkit plugin. This plugin includes the workflows, connector guidance, and references Codex uses to generate AgentKit code for connected accounts and delegated OAuth flows.

  2. Generate the authentication implementation

    Use a structured prompt to direct Codex. A well-formed prompt helps Codex generate complete, production-ready AgentKit code that includes all required security components.

    Copy the following prompt into Codex:

    Guide me through configuring the installed Scalekit marketplace plugin to handle agent authentication for Gmail. Provide the code to trigger the auth flow, retrieve the secure user token, and then use that authenticated session to fetch and list the last 5 unread emails. Add logging to verify the flow.

    When you submit this prompt, Codex loads the AgentKit plugin from the Scalekit Auth Stack marketplace, analyzes your existing application structure, generates Scalekit client initialization, creates connected account management functions, implements OAuth authorization link generation, and adds token fetching and refresh logic.

    Always review AI-generated authentication code before deployment. Verify that environment variables, token validation logic, and error handling match your security requirements. The coding agent provides a foundation, but you must ensure it aligns with your application's specific needs.

  3. Verify the just-in-time implementation

    After Codex completes, verify that all authentication components are properly configured:

    Check generated files:

    • Scalekit client initialization with credentials. You may need to set up a .env file with your Scalekit API credentials.
    • Connected account management functions
    • Authorization link generation
    • Token fetching and storage
    • Error handling for expired tokens

    The authorization flow should redirect users to the service's consent page, where they grant permissions. Your application should then be able to fetch OAuth tokens and execute actions on behalf of the authenticated user.

When you connect, the agent authenticates users through the OAuth 2.0 flow you configured. Verify that protected resources require valid access tokens and that the agent can successfully execute actions on behalf of authenticated users.