New Case Study:See how Anthropic automated 95% of dependency reviews with Socket.Learn More
Socket
Sign inDemoInstall
Socket
Sign inDemoInstall

express-gateway-plugin-jwks

Package Overview
Dependencies
Maintainers
1
Versions
3
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

express-gateway-plugin-jwks

Policy to support JWKS security providers like Auth0

  • 1.0.2
  • latest
  • Source
  • npm
  • Socket score
Version published
Weekly downloads
1
decreased by-83.33%
Maintainers
1
Weekly downloads
 
Created
Source

Plugin structure

This EG plugin is a wrapper around auth0/express-jwt policy. In addition it supports JWON Web Key Set. Please refer to links in the next sections to find all available properties

JWT settings

List of properties that are related to JWT settings like secret, issuer etc. can be found here: https://github.com/auth0/express-jwt

Most important are: issuer audience

plugins:
  express-gateway-plugin-jwks:
    issuer: 'http://issuer'
    audience: 'some_string_or_array'

To configure JWKS add jwksRsa property. See available settings below:

JWKS settings

https://github.com/auth0/node-jwks-rsa#caching Those settings are defined under jwksRsa property

example in system.config yaml

This is Global configuration, it will be used as default for all jwks policies usage across all pipelines

  express-gateway-plugin-jwks:
    issuer: 'http://issuer'
    audience: 'some_string_or_array'
    jwksRsa:
      cache: true
      jwksUri: https://${JWKS_HOST}/.well-known/jwks.json

example in gateway.config yaml

You can set the same settings in the action inside pipeline:

pipelines:
  api-pipeline:
    apiEndpoints:
      - api
    policies:
      - jwks:
        - action:
            issuer: 'http://issuer'
            audience: 'some_string_or_array'
            jwksRsa:
              cache: true
              jwksUri: https://${JWKS_HOST}/.well-known/jwks.json
      - proxy:
        - action:
            serviceEndpoint: api

Keywords

FAQs

Package last updated on 14 Mar 2019

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Create React App Officially Deprecated Amid React 19 Compatibility Issues

Security News

Create React App Officially Deprecated Amid React 19 Compatibility Issues

Create React App is officially deprecated due to React 19 issues and lack of maintenance—developers should switch to Vite or other modern alternatives.

By Sarah Gooding  -  Feb 11, 2025
SocketSocket SOC 2 Logo

Product

  • Package Alerts
  • Integrations
  • Docs
  • Pricing
  • FAQ
  • Roadmap
  • Changelog

About

Packages

npm

Go

Maven

PyPI

Rubygems

Stay in touch

Get open source security insights delivered straight into your inbox.

  • Terms
  • Privacy
  • Security

Made with ⚡️ by Socket Inc