navan-prod-checklist

Featured

Use when validating production readiness for a Navan API integration — credential rotation, alerting, rate limits, SSO, SCIM, and compliance audit trails. Trigger with "navan prod checklist" or "navan production readiness".

AI & Automation 2,266 stars 315 forks Updated today MIT

Install

View on GitHub

Quality Score: 99/100

Stars 20%
100
Recency 20%
100
Frontmatter 20%
70
Documentation 15%
100
Issue Health 10%
50
License 10%
100
Description 5%
100

Skill Content

# Navan Production Checklist ## Overview Gated production readiness verification for Navan REST API integrations. Navan has no SDK and no sandbox — production is the only environment, making this checklist critical. ## Prerequisites - Navan admin access (Admin > Travel admin > Settings) - OAuth credentials stored in a secret manager (credentials are viewable only once) - SSO identity provider configured (Okta, Azure AD, or Google Workspace) - `curl` and `jq` for verification commands ## Instructions ### Domain 1 — Credential Security - [ ] **Secret storage**: OAuth `client_id` and `client_secret` stored in a secret manager (AWS Secrets Manager, GCP Secret Manager, HashiCorp Vault) — never in environment variables, config files, or source control - [ ] **Rotation plan documented**: Schedule for rotating credentials (recommend 90-day cycle) - [ ] **Zero-downtime rotation tested**: Dual-credential swap procedure validated ```bash # Verify current credentials work curl -s -X POST "https://api.navan.com/ta-auth/oauth/token" \ -H "Content-Type: application/x-www-form-urlencoded" \ -d "grant_type=client_credentials&client_id=$NAVAN_CLIENT_ID&client_secret=$NAVAN_CLIENT_SECRET" \ | jq '{authenticated: (.access_token != null), error: .error}' ``` **Rotation procedure:** 1. Generate new credentials in Admin > Integrations (old ones remain valid) 2. Deploy new credentials to secret manager 3. Update application configuration to reference new secret version 4. Verify new c...

Details

Author
jeremylongshore
Repository
jeremylongshore/claude-code-plugins-plus-skills
Created
7 months ago
Last Updated
today
Language
Python
License
MIT

Integrates with

Anthropic · AI Google Cloud · Cloud Azure · Cloud REST API · API

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Featured

navan-security-basics

Secure Navan API credentials with OAuth 2.0 best practices, SSO/SAML, and SCIM provisioning. Use when hardening a Navan integration, rotating credentials, or configuring identity provider SSO. Trigger with "navan security", "navan sso", "navan credentials", "navan scim".

2,266 Updated today
jeremylongshore
AI & Automation Featured

navan-ci-integration

Use when setting up CI/CD pipelines that validate Navan API integrations, run booking data health checks, or generate automated compliance reports. Trigger with "navan ci integration" or "navan pipeline" or "navan github actions".

2,266 Updated today
jeremylongshore
AI & Automation Featured

navan-upgrade-migration

Use when handling Navan API changes in production — defensive coding patterns, schema validation, deprecation monitoring, and gradual rollout strategies for unversioned APIs. Trigger with "navan upgrade migration" or "navan api change handling".

2,266 Updated today
jeremylongshore
AI & Automation Featured

navan-deploy-integration

Use when deploying Navan integrations with ERP systems (NetSuite, Sage Intacct, Xero), HRIS platforms (Workday, BambooHR), or identity providers (Okta, Azure AD). Trigger with "navan deploy integration" or "navan erp setup" or "navan sso deployment".

2,266 Updated today
jeremylongshore
AI & Automation Featured

navan-reference-architecture

Use when designing a production Navan API integration architecture — API gateway, token management, data sync pipelines, ERP connectors, and monitoring stack. Trigger with "navan reference architecture" or "navan integration architecture".

2,266 Updated today
jeremylongshore