Research
Two Malicious Rust Crates Impersonate Popular Logger to Steal Wallet Keys
Socket uncovers malicious Rust crates impersonating fast_log to steal Solana and Ethereum wallet keys from source code.
By Kirill Boychenko - Sep 24, 2025
@vonage/auth
Advanced tools
@vonage/auth
Vonage Auth Package adds the correct authentication headers to requests to Vonage API's
Vonage Auth SDK for Node.js
This is the Vonage Auth SDK for Node.js for creating authentication headers and signature for use with Vonage APIs. To use it you will need a Vonage account. Sign up for free at vonage.com.
We recommend using this package as part of the overall @vonage/server-sdk package.
For full API documentation refer to developer.vonage.com.
Installation
We recommend using this SDK as part of the overall @vonage/server-sdk package. Please see the main package for installation.
You can also use this SDK standalone if you only need access to just the Auth SDK.
With NPM
npm install @vonage/auth
With Yarn
yarn add @vonage/auth
Usage
As part of the Vonage Server SDK
If you are using this SDK as part of the Vonage Server SDK, you can access it as the auth property off of the client that you instantiate.
The SDK can be used standalone from the main Vonage Server SDK for Node.js if you only need to use the Auth API. All you need to do is require('@vonage/auth'), and use the returned object to create your own client.
const { Auth } = require('@vonage/server-sdk');
// Or if standalone
const { Auth } = require('@vonage/auth');
const vonageAuth = new Auth({
apiKey: API_KEY,
apiSecret: API_SECRET,
applicationId: APP_ID,
privateKey: PRIVATE_KEY_PATH,
});
(async () => {
const basicHeader = vonageAuth.createBasicHeader();
console.log(basicHeader);
})()
Options
Options is an object with the following properties:
apiKey- API Key from Vonage API. IfapplicationIdandprivateKeyare present,apiKeyis optional.apiSecret- API Secret from Vonage API. IfapplicationIdandprivateKeyare present,apiSecretis optional.applicationId- (optional) The Vonage API Application ID to be used when creating JWTs.privateKey- (optional) The Private Key to be used when creating JWTs. You can specify the key as any of the following:- A Buffer containing the file contents.
- A String containing the path to the key file on disk.
- A String containing the key itself.
Testing
Run:
npm run test
FAQs
Vonage Auth Package adds the correct authentication headers to requests to Vonage API's
The npm package @vonage/auth receives a total of 53,203 weekly downloads. As such, @vonage/auth popularity was classified as popular.
We found that @vonage/auth demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 54 open source maintainers collaborating on the project.
Package last updated on 22 Sep 2025
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Research
Malicious fezbox npm Package Steals Browser Passwords from Cookies via Innovative QR Code Steganographic Technique
A malicious package uses a QR code as steganography in an innovative technique.
By Olivia Brown - Sep 22, 2025
Research
/Security News
Identifying and Preventing Fraudulent Engineering Candidates: An Investigation into 80 Confirmed Cases
Socket identified 80 fake candidates targeting engineering roles, including suspected North Korean operators, exposing the new reality of hiring as a security function.
By Lauren Valencia, Kirill Boychenko - Sep 17, 2025