What it does

This skill provides a battle-tested, drop-in OAuth2 implementation for Discord Embedded App SDK activities. It automates the complex three-step handshake required to get an authenticated user session inside a Discord iframe: authorization, server-side token exchange, and SDK authentication.

Why use this skill

Implementing Discord OAuth manually is error-prone. Common pitfalls include sending JSON instead of form-encoded data to Discord's token endpoint or accidentally exposing client secrets in the frontend. This skill provides field-verified code that keeps secrets on the server, handles the specific Content-Type requirements of Discord's API, and includes a "Dev Mode" fallback so you can build your UI in a browser without needing to launch Discord every time.

Supported tools

• Frontend: TypeScript/JavaScript with Discord Embedded App SDK
• Backend: Node.js (Express/Fastify) or Python (FastAPI)
• Bundlers: Optimized for Vite (VITE_ prefixing) but adaptable to others

The Output

You receive a dedicated DiscordAuth client class and a corresponding server-side route handler. The client class manages the internal SDK state, while the server route handles the secure communication with Discord. It also includes an .env.example with the exact keys required to make the handshake work.