1.0.2 • Public • Published

npm version

Keybase ID Passport Strategy

passport-keybase is an authentication strategy for Passport that uses the Keybase ID library for user authentication and identification. passport-keybase exposes the KeybaseStrategy passport strategy for use.



passport-keybase depends on the Keybase ID library, as mentioned before. This package must be installed as a dependency in your NodeJS project and configured correctly before you can use passport-keybase! Follow the instructions for getting that package installed and running, then proceed with the installation steps below.


Once you have the prerequisites met, simply install this package as a dependency in your NodeJS project, alongside express, passport, and keybase-id.

npm install passport-keybase



The KeybaseStrategy is fairly easy to setup once you have the keybase-id package configured properly. KeybaseStrategy takes two required parameters, a keybaseId which points to an instance of the keybase-id library, and a verify callback, which is called upon successful user authentication and contains the authenticated user's username and Keybase Score. KeybaseStrategy takes several optional parameters as well, including: passReqToCallback, which changes the arguments passed to the verify callback to include the request object as well, and signedMessageField, verifyTxtField, and usernameField, which determine what field names in the request body to use for the signed message, verify text, and username authentication fields respectively.


const express = require('express');
const bodyParser = require('body-parser');
const passport = require('passport');

const KeybaseId = require('keybase-id');
const KeybaseStrategy = require('passport-keybase').Strategy;

// initialize the KeybaseId library
const keybaseId = new KeybaseId({
  keybasePath: 'keybase',
  minKbScore: 49,
  twitterApiKey: 'abcd1234key',
  twitterApiSecret: '1234abcdsecret',

// set `KeybaseStrategy` options
const keybaseOptions = {
  passReqToCallback: false,
  signedMessageField: 'signedMessage',
  verifyTxtField: 'verifyTxt',
  usernameField: 'username',

// create `KeybaseStrategy` verify callback
const verifyCallback = (username, score, done) => {
  // use the user's unique Keybase username to look them up in your database, returning a unique user id
  const user = {
    id: 1,
    user: 'lookup-user-using-username',
    username: username,
    score: score,

  done(null, user);

// use the `KeybaseStrategy` strategy
passport.use(new KeybaseStrategy(keybaseOptions, verifyCallback));

// setup the express app
const app = express();

// use bodyParse so KeybaseStrategy can parse necessary fields
app.use(bodyParser.urlencoded({ extended: true }));

// initialize passport

// use the KeybaseStrategy for authenticating an endpoint'/login', passport.authenticate('keybase', { session: false }), (req, res) => {
  // req.user contains the result you sent back in your verify callback method, `verifyCallback`
  // store the unique user id you looked up and returned in your verify callback, in a JWT token
  const jwtPayload = { id: };

  const expires = moment().add(2, 'h');
  const bearerToken = jwt.sign(jwtPayload, jwtOptions.secretOrKey, { expiresIn: '2h' });

  // return the JWT token
  res.json({ bearerToken, expires });

// start the server on port 3000
app.listen(3000, () => console.log('App listening on port ' + port));

A full, working code example can be found and cloned at passport-keybase-example.

Package Sidebar


npm i passport-keybase

Weekly Downloads






Unpacked Size

13.3 kB

Total Files


Last publish


  • rickjerrity