Security News
MCP Steering Committee Launches Official MCP Registry in Preview
The MCP Steering Committee has launched the official MCP Registry in preview, a central hub for discovering and publishing MCP servers.
By Sarah Gooding - Sep 09, 2025
fastify-auth0-verify
Advanced tools
fastify-auth0-verify
Auth0 verification plugin for Fastify.
Internally this is a lighweight wrapper around fastify-jwt-jwks and accepts most of the same options. The differences are highlighted in this document. Refer to the documentation in the fastify-jwt-jwks repository for general usage.
Installation
Just run:
npm install fastify-auth0-verify --save
Usage
The configuration options for this plugin are similar to those in fastify-jwt-jwks, except that this package accepts a domain option instead of jwksUrl:
domain: The Auth0 tenant domain. It enables verification of RS256 encoded JWT tokens. It is also used to verify the token issuer (iss). Either provide a domain (domain.com) or the full URL, including the trailing slash (https://domain.com/).
Contributing
See CONTRIBUTING.md
Developer notes
Tests
Tests are currently split into unit and integration. Integration tests need the following environment variables:
| Env var | |
|---|---|
AUTH0_DOMAIN | Auth0 dashboard -> application -> Settings -> Domain |
AUTH0_CLIENT_ID | Auth0 dashboard -> application -> Settings -> Client ID |
AUTH0_CLIENT_SECRET | Auth0 dashboard -> application -> Settings -> Client Secret |
AUTH0_API_AUDIENCE | Auth0 application identifier |
License
Copyright NearForm Ltd. Licensed under the Apache-2.0 license.
Keywords
FAQs
Auth0 verification plugin for Fastify
The npm package fastify-auth0-verify receives a total of 19,010 weekly downloads. As such, fastify-auth0-verify popularity was classified as popular.
We found that fastify-auth0-verify demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 6 open source maintainers collaborating on the project.
Package last updated on 11 Oct 2024
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Related posts
Product
Introducing Pull Request Stories to Help Security Teams Track Supply Chain Risks
Socket’s new Pull Request Stories give security teams clear visibility into dependency risks and outcomes across scanned pull requests.
By André Staltz - Sep 08, 2025
Research
/Security News
npm Author Qix Compromised via Phishing Email in Major Supply Chain Attack
npm author Qix’s account was compromised, with malicious versions of popular packages like chalk-template, color-convert, and strip-ansi published.
By Sarah Gooding, Olivia Brown, Kush Pandya, Philipp Burckhardt, Peter van der Zee, Douglas Coburn - Sep 08, 2025