Enterprise Auth in Astro without the pain

A complete, production-oriented walkthrough of adding SSO, social login, magic links, and session management to your Astro application using Scalekit — the auth platform built for B2B and AI apps. Table of Contents Why Scalekit for B2B auth? Core concepts: OAuth 2.0, OIDC, and the token trio Project setup & environment Initializing the Scalekit client The three auth endpoints Session middleware — the right way Protecting pages and API routes Enterprise SSO: per-organization connections PKCE flow (no client secret) Production best practices Troubleshooting common gotchas Why Scalekit for B2B auth? Shipping authentication feels deceptively simple: throw in a social login button, store a JWT, call it done. That works fine for consumer apps. But the moment your first enterprise prospect lands, everything changes. They need to log in via their company's Okta or Entra ID. Their IT team will ask whether you support SCIM. Their security team wants to audit every login event. And their proc