JWT on KMS

This package is designed to be able to verify JWT tokens offline by first downloading the public key from KMS. This is done to reduce latency and cost.

Usage

import { sign, verify } from 'jwt-on-kms';
import { KMSClient } from '@aws-sdk/client-kms';

const signedToken = sign(
  {
    hello: 'world',
  },
  kmsKeyId
);

const { isValid } = verify(signedToken, kmsKeyId);

To use a custom client / use client options call setClient(yourClient).

Testing

To generate test fixtures, you need to create a KMS key in your AWS account that allows signing and verification with RSASSA_PSS_SHA_256. Set the KMS_KEY_ID environment variable to the ID of the key and AWS_REGION to region the key is in. Then run yarn generate-fixtures and then yarn test.

Bugs

If you find a security vulnerability, please report it privately to me via email. Other bugs should be reported via GitHub.

jwt-on-kms

JWT on KMS

Usage

Testing

Bugs

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

jwt-on-kms

JWT on KMS

Usage

Testing

Bugs

Readme

Keywords

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

Weekly Downloads