jwks-rsa
v3.1.0
Published
Library to retrieve RSA public keys from a JWKS endpoint
Downloads
13,831,808
Maintainers
Readme
📚 Documentation - 🚀 Getting Started - 💬 Feedback
Documentation
- Examples - documentation of the options and code samples for common scenarios.
- Docs Site - explore our Docs site and learn more about Auth0.
Getting Started
Installation
Using npm in your project directory run the following command:
npm install --save jwks-rsa
Supports all currently registered JWK types and JWS Algorithms, see panva/jose#262 for more information.
Configure the client
Provide a JWKS endpoint which exposes your signing keys.
const jwksClient = require('jwks-rsa');
const client = jwksClient({
jwksUri: 'https://sandrino.auth0.com/.well-known/jwks.json',
requestHeaders: {}, // Optional
timeout: 30000 // Defaults to 30s
});
Retrieve a key
Then use getSigningKey
to retrieve a signing key that matches a specific kid
.
const kid = 'RkI5MjI5OUY5ODc1N0Q4QzM0OUYzNkVGMTJDOUEzQkFCOTU3NjE2Rg';
const key = await client.getSigningKey(kid);
const signingKey = key.getPublicKey();
Feedback
Contributing
We appreciate feedback and contribution to this repo! Before you get started, please see the following:
Raise an issue
To provide feedback or report a bug, please raise an issue on our issue tracker.
Vulnerability Reporting
Please do not report security vulnerabilities on the public GitHub issue tracker. The Responsible Disclosure Program details the procedure for disclosing security issues.