@jackdbd/fastify-introspection-endpoint
Advanced tools
Fastify plugin that adds an [IndieAuth Token Introspection Endpoint](https://indieauth.spec.indieweb.org/#access-token-verification) to a Fastify server.
Fastify plugin that adds an IndieAuth Token Introspection Endpoint to a Fastify server.
IndieAuth extends OAuth 2.0 Token Introspection by adding that the introspection response MUST include an additional parameter, me.
npm install @jackdbd/fastify-introspection-endpoint
Options for the Fastify introspection-endpoint plugin
Properties
| Name | Type | Description | Required |
|---|---|---|---|
| ajv | Instance of Ajv | no | |
| includeErrorDescription | boolean | Whether to include an error_description property in all error responses. This is meant to assist the client developer in understanding the error. This is NOT meant to be shown to the end user.Default: false | no |
| isAccessTokenRevoked | Function | Predicate function that returns true if a jti (JSON Web Token ID) is revoked. | yes |
| issuer | string | The authorization server's issuer identifier. It's a URL that uses the "https" scheme and has no query or fragment components. It MUST also be a prefix of the indieauth-metadata URL. Format: "uri" | yes |
| jwksUrl (JWKS public URL) | object | URL where the public JSON Web Key Set is hosted. | yes |
| logPrefix | string | Default: "introspection-endpoint " | no |
| reportAllAjvErrors (report all AJV errors) | boolean | Whether to report all AJV validation errors. Default: false | no |
Example
{
"includeErrorDescription": false,
"jwksUrl": {},
"logPrefix": "introspection-endpoint ",
"reportAllAjvErrors": false
}
URL where the public JSON Web Key Set is hosted.
Properties
| Name | Type | Description | Required |
|---|---|---|---|
| hash | string | yes | |
| host | string | yes | |
| href | string | yes | |
| hostname | string | yes | |
| origin | string | yes | |
| password | string | yes | |
| pathname | string | yes | |
| port | string | yes | |
| protocol | string | yes | |
| search | string | yes | |
| searchParams | yes | ||
| username | string | yes | |
| toJSON | yes |
Additional Properties: allowed
| Package | Version |
|---|---|
| @fastify/formbody | ^8.0.2 |
| @fastify/response-validation | ^3.0.3 |
| @jackdbd/indieauth | ^0.0.0-canary.1 |
| @jackdbd/oauth2 | ^0.0.0-canary.1 |
| @jackdbd/oauth2-error-responses | ^0.0.0-canary.1 |
| @jackdbd/oauth2-tokens | ^0.0.0-canary.1 |
| @jackdbd/schema-validators | ^0.0.0-canary.1 |
| @sinclair/typebox | ^0.34.14 |
| ajv | ^8.17.1 |
| ajv-formats | ^3.0.1 |
| fastify-plugin | ^5.0.1 |
⚠️ Peer Dependencies
This package defines 1 peer dependency.
| Peer | Version range |
|---|---|
fastify | >=5.0.0 |
© 2024 - 2025 Giacomo Debidda // MIT License
FAQs
Fastify plugin that adds an [IndieAuth Token Introspection Endpoint](https://indieauth.spec.indieweb.org/#access-token-verification) to a Fastify server.
The npm package @jackdbd/fastify-introspection-endpoint receives a total of 2 weekly downloads. As such, @jackdbd/fastify-introspection-endpoint popularity was classified as not popular.
We found that @jackdbd/fastify-introspection-endpoint demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub postponed a new billing model for self-hosted Actions after developer pushback, but moved forward with hosted runner price cuts on January 1.
Research
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
Security News
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.