attio-install-auth
Set up Attio REST API authentication with access tokens or OAuth 2.0. Use when configuring API keys, setting token scopes, initializing the Attio client, or connecting an app via OAuth. Trigger: "install attio", "setup attio", "attio auth", "attio API key", "attio OAuth", "attio access token".
Best use case
attio-install-auth is best used when you need a repeatable AI agent workflow instead of a one-off prompt.
Set up Attio REST API authentication with access tokens or OAuth 2.0. Use when configuring API keys, setting token scopes, initializing the Attio client, or connecting an app via OAuth. Trigger: "install attio", "setup attio", "attio auth", "attio API key", "attio OAuth", "attio access token".
Teams using attio-install-auth should expect a more consistent output, faster repeated execution, less prompt rewriting.
When to use this skill
- You want a reusable workflow that can be run more than once with consistent structure.
When not to use this skill
- You only need a quick one-off answer and do not need a reusable workflow.
- You cannot install or maintain the underlying files, dependencies, or repository context.
Installation
Claude Code / Cursor / Codex
Manual Installation
- Download SKILL.md from GitHub
- Place it in
.claude/skills/attio-install-auth/SKILL.mdinside your project - Restart your AI agent — it will auto-discover the skill
How attio-install-auth Compares
| Feature / Agent | attio-install-auth | Standard Approach |
|---|---|---|
| Platform Support | Not specified | Limited / Varies |
| Context Awareness | High | Baseline |
| Installation Complexity | Unknown | N/A |
Frequently Asked Questions
What does this skill do?
Set up Attio REST API authentication with access tokens or OAuth 2.0. Use when configuring API keys, setting token scopes, initializing the Attio client, or connecting an app via OAuth. Trigger: "install attio", "setup attio", "attio auth", "attio API key", "attio OAuth", "attio access token".
Where can I find the source code?
You can find the source code on GitHub using the link provided at the top of the page.
Related Guides
Best AI Skills for Claude
Explore the best AI skills for Claude and Claude Code across coding, research, workflow automation, documentation, and agent operations.
ChatGPT vs Claude for Agent Skills
Compare ChatGPT and Claude for AI agent skills across coding, writing, research, and reusable workflow execution.
SKILL.md Source
# Attio Install & Auth
## Overview
Configure authentication for the Attio REST API (`https://api.attio.com/v2`). Attio offers two auth methods: **access tokens** (scoped to a single workspace) and **OAuth 2.0** (for multi-workspace integrations). There is no official first-party Node SDK -- use `fetch` or a community client like `attio-js`.
## Prerequisites
- Node.js 18+ or Python 3.10+
- Attio account at [app.attio.com](https://app.attio.com)
- API access enabled in workspace settings
## Instructions
### Step 1: Generate an Access Token
1. Open **Settings > Developers > Access tokens** in your Attio workspace
2. Click **Create token** and name it (e.g., `my-integration-dev`)
3. Configure scopes (tokens have **no scopes by default** -- you must add them):
| Scope | Grants access to |
|-------|-----------------|
| `object_configuration:read` | List/get objects and attributes |
| `record_permission:read` | Read records (people, companies, deals) |
| `record_permission:read-write` | Create/update/delete records |
| `list_entry:read` | Read list entries |
| `list_entry:read-write` | Create/update/delete list entries |
| `note:read-write` | Create and read notes |
| `task:read` / `task:read-write` | Read or manage tasks |
| `user_management:read` | Read workspace members |
| `webhook:read-write` | Manage webhooks |
4. Copy the token -- it starts with `sk_` and **never expires** (but can be revoked)
### Step 2: Configure Environment
```bash
# .env (add to .gitignore immediately)
ATTIO_API_KEY=sk_your_token_here
# .gitignore
.env
.env.local
.env.*.local
```
### Step 3: Initialize the Client
```typescript
// src/attio/client.ts
const ATTIO_BASE = "https://api.attio.com/v2";
interface AttioRequestOptions {
method?: string;
path: string;
body?: Record<string, unknown>;
}
export async function attioFetch<T>({
method = "GET",
path,
body,
}: AttioRequestOptions): Promise<T> {
const res = await fetch(`${ATTIO_BASE}${path}`, {
method,
headers: {
Authorization: `Bearer ${process.env.ATTIO_API_KEY}`,
"Content-Type": "application/json",
},
body: body ? JSON.stringify(body) : undefined,
});
if (!res.ok) {
const error = await res.json();
throw new Error(
`Attio ${res.status}: ${error.code} - ${error.message}`
);
}
return res.json() as Promise<T>;
}
```
### Step 4: Verify Connection
```typescript
// Verify by listing workspace objects
const objects = await attioFetch<{ data: Array<{ api_slug: string }> }>({
path: "/objects",
});
console.log(
"Connected! Objects:",
objects.data.map((o) => o.api_slug)
);
// Output: Connected! Objects: ["people", "companies", "deals", ...]
```
```bash
# Quick verification with curl
curl -s https://api.attio.com/v2/objects \
-H "Authorization: Bearer ${ATTIO_API_KEY}" | jq '.data[].api_slug'
```
## OAuth 2.0 Flow (Multi-Workspace)
For apps that other workspaces install, use OAuth 2.0 Authorization Code Grant (RFC 6749 section 4.1).
```typescript
// Step 1: Redirect user to authorize
const authUrl = new URL("https://app.attio.com/authorize");
authUrl.searchParams.set("client_id", process.env.ATTIO_CLIENT_ID!);
authUrl.searchParams.set("redirect_uri", "https://yourapp.com/callback");
authUrl.searchParams.set("response_type", "code");
// Step 2: Exchange code for access token
const tokenRes = await fetch("https://app.attio.com/oauth/token", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
grant_type: "authorization_code",
client_id: process.env.ATTIO_CLIENT_ID,
client_secret: process.env.ATTIO_CLIENT_SECRET,
code: authorizationCode,
redirect_uri: "https://yourapp.com/callback",
}),
});
const { access_token } = await tokenRes.json();
// Store access_token securely per workspace
```
## Error Handling
| Error | HTTP Status | Cause | Solution |
|-------|------------|-------|----------|
| `invalid_grant` | 401 | Bad or expired auth code | Re-authorize the user |
| `insufficient_scopes` | 403 | Token missing required scope | Add scope in dashboard, regenerate |
| `invalid_request` | 400 | Malformed Authorization header | Use `Bearer <token>` format |
| `not_found` | 404 | Token revoked or workspace deleted | Generate new token |
## Attio Error Response Format
All Attio errors return JSON with a consistent structure:
```json
{
"status_code": 403,
"type": "authorization_error",
"code": "insufficient_scopes",
"message": "Token requires 'record_permission:read' scope"
}
```
## Resources
- [Attio Access Token Guide](https://attio.com/help/apps/other-apps/generating-an-api-key)
- [Attio OAuth Tutorial](https://docs.attio.com/rest-api/tutorials/connect-an-app-through-oauth)
- [Attio REST API Overview](https://docs.attio.com/rest-api/overview)
- [Attio Authentication](https://docs.attio.com/rest-api/guides/authentication)
## Next Steps
After verifying auth, proceed to `attio-hello-world` for your first real API call.Related Skills
validating-authentication-implementations
Validate authentication mechanisms for security weaknesses and compliance. Use when reviewing login systems or auth flows. Trigger with 'validate authentication', 'check auth security', or 'review login'.
workhuman-install-auth
Workhuman install auth for employee recognition and rewards API. Use when integrating Workhuman Social Recognition, or building recognition workflows with HRIS systems. Trigger: "workhuman install auth".
wispr-install-auth
Wispr Flow install auth for voice-to-text API integration. Use when integrating Wispr Flow dictation, WebSocket streaming, or building voice-powered applications. Trigger: "wispr install auth".
windsurf-install-auth
Install Windsurf IDE and configure Codeium authentication. Use when setting up Windsurf for the first time, logging in to Codeium, or configuring API keys for team/enterprise deployments. Trigger with phrases like "install windsurf", "setup windsurf", "windsurf auth", "codeium login", "windsurf API key".
webflow-install-auth
Install the Webflow JS SDK (webflow-api) and configure OAuth 2.0 or API token authentication. Use when setting up a new Webflow integration, configuring access tokens, or initializing the WebflowClient in your project. Trigger with phrases like "install webflow", "setup webflow", "webflow auth", "configure webflow API token", "webflow OAuth".
vercel-install-auth
Install Vercel CLI and configure API token authentication. Use when setting up Vercel for the first time, creating access tokens, or initializing a project with vercel link. Trigger with phrases like "install vercel", "setup vercel", "vercel auth", "configure vercel token", "vercel login".
veeva-install-auth
Veeva Vault install auth with REST API and VQL. Use when integrating with Veeva Vault for life sciences document management. Trigger: "veeva install auth".
vastai-install-auth
Install and configure Vast.ai CLI and REST API authentication. Use when setting up a new Vast.ai integration, configuring API keys, or initializing Vast.ai GPU cloud access in your project. Trigger with phrases like "install vastai", "setup vastai", "vastai auth", "configure vastai API key", "vastai gpu setup".
twinmind-install-auth
Install and configure TwinMind Chrome extension, mobile app, and API access. Use when setting up TwinMind for meeting transcription, configuring calendar integration, or initializing TwinMind in your workflow. Trigger with phrases like "install twinmind", "setup twinmind", "twinmind auth", "configure twinmind", "twinmind chrome extension".
together-install-auth
Install Together AI SDK and configure API key for inference and fine-tuning. Use when setting up Together AI, configuring the OpenAI-compatible API, or initializing the together Python package. Trigger: "install together, setup together ai, together API key".
techsmith-install-auth
Install TechSmith Snagit COM API and register the COM server for automation. Use when setting up Snagit automation, configuring COM interop, or initializing Camtasia batch processing. Trigger: "install techsmith, setup snagit, techsmith COM API".
supabase-install-auth
Install and configure Supabase SDK, CLI, and project authentication. Use when setting up a new Supabase project, installing @supabase/supabase-js, configuring environment variables, or initializing the Supabase client. Trigger with "install supabase", "setup supabase", "supabase auth config", "configure supabase", "supabase init", "add supabase to project".