{"id":15371236,"url":"https://github.com/sandrinodimattia/serverless-jwt","last_synced_at":"2025-10-01T17:30:42.335Z","repository":{"id":46647108,"uuid":"281962945","full_name":"sandrinodimattia/serverless-jwt","owner":"sandrinodimattia","description":"JWT verification for Serverless environments 🔐","archived":false,"fork":false,"pushed_at":"2023-10-25T09:45:45.000Z","size":1245,"stargazers_count":64,"open_issues_count":7,"forks_count":5,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-01-14T07:06:56.095Z","etag":null,"topics":["jwt","netlify","nextjs","oidc","serverless"],"latest_commit_sha":null,"homepage":"","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/sandrinodimattia.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2020-07-23T13:44:07.000Z","updated_at":"2024-09-06T00:14:54.000Z","dependencies_parsed_at":"2024-06-18T18:28:41.428Z","dependency_job_id":"ece52ba3-61fd-438c-bb3a-9c2abad9a116","html_url":"https://github.com/sandrinodimattia/serverless-jwt","commit_stats":{"total_commits":72,"total_committers":3,"mean_commits":24.0,"dds":0.05555555555555558,"last_synced_commit":"97ea9820580a3e75fb5b2ed7a6a5777e6cc435eb"},"previous_names":[],"tags_count":10,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandrinodimattia%2Fserverless-jwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandrinodimattia%2Fserverless-jwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandrinodimattia%2Fserverless-jwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/sandrinodimattia%2Fserverless-jwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/sandrinodimattia","download_url":"https://codeload.github.com/sandrinodimattia/serverless-jwt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":234883314,"owners_count":18901365,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["jwt","netlify","nextjs","oidc","serverless"],"created_at":"2024-10-01T13:46:01.769Z","updated_at":"2025-10-01T17:30:41.918Z","avatar_url":"https://github.com/sandrinodimattia.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Serverless JWT\n\nWith the rise of [JAMstack](https://jamstack.wtf/) we've seen a lot of frameworks and platforms offer the ability to build and host Serverless functions as lightweight backends for your applications.\n\nIn the last few years the Node.js ecosystem has provided many solutions to handle authentication in your web applications through libraries like [Passport.js](http://www.passportjs.org/) and [express-jwt](https://github.com/auth0/express-jwt/). But due to the different programming model of Serverless functions (lambdas as opposed to full blown web servers) these libraries are not the perfect tool for the job.\n\nThis is where `serverless-jwt` comes in: a simple and lightweight solution focused at solving authentication for your Serverless functions.\n\n## How does this thing work?\n\n### Pre-requisites\n\nThis library works well with applications which integrate with an OpenID Connect provider like Auth0, Azure AD (B2C), Identity Server, Okta, ... These applications will receive an `id_token` which is used to authenticated the user and an `access_token` used to talk to APIs (in our case to Serverless functions).\n\nIf you have such an application, read along! We'll be adding examples over time to show how you can do this with your favourite technology stack.\n\n### Talking to Serverless functions\n\nYour React/Vue/Angular/... code will be interacting with your Serverless functions using `fetch` or any other HTTP client. These calls will need to be made by providing the access token as part of the `Authorization` header:\n\n```bash\nAuthorization: Bearer \u003caccess_token\u003e\n```\n\nHere's an example:\n\n```js\nconst callApi = async (path) =\u003e {\n  try {\n    setResponse('Loading...');\n\n    const token = await getAccessTokenFromSomewhere();\n\n    const api = await fetch('/.netlify/functions' + path, {\n      headers: {\n        authorization: 'Bearer ' + token\n      }\n    });\n\n    const body = await api.json();\n    setResponse({\n      status: api.status,\n      statusText: api.statusText,\n      body\n    });\n  } catch (e) {\n    setResponse(e.message);\n  }\n};\n```\n\n### Securing your Serverless functions\n\nFinally, this is where `serverless-jwt` comes in. You'll want to secure your functions to make sure only authorized calls can execute the function.\n\nYou'll create a verifier in which you simply define the `issuer` (your OpenID Connect provider) and the `audience` (which identifies your own API). The library will use the discovery endpoints exposed by your OpenID Connect provider to load everything that is needed to validate incoming tokens.\n\nIf the request is authorized the Serverless function will be executed, otherwise an error will be returned to the client.\n\n```js\nimport { NextJwtVerifier } from '@serverless-jwt/next';\n\nconst jwt = NextJwtVerifier({\n  issuer: 'https://sandrino-dev.auth0.com/',\n  audience: 'urn:worldmappers'\n});\n\n// Example Next.js API Route\nconst MyInvoices = async (req, res) =\u003e {\n  // Claims contains the user's ID and any other information available about the user.\n  const { claims } = req.identityContext;\n\n  // Use the current user to filter data and apply other business logic.\n  const invoices = db.invoices.get((i) =\u003e i.userId === claims.sub);\n  res.json({\n    invoices\n  });\n};\n\nexport default jwt(MyInvoices);\n```\n\n## Integrations\n\n### Netlify Functions\n\n[@serverless-jwt/netlify](./packages/netlify)\n\nExamples:\n\n- [Gatsby \u0026 Netlify Functions using Auth0](./examples/gatsby-auth0-netlify-functions)\n\n### Next.js\n\n[@serverless-jwt/next](./packages/next)\n\nExamples:\n\n- [Securing Next.js API Routes using Auth0](./examples/nextjs-auth0)\n\n## OpenID Connect Providers\n\nThis library will work with any OpenID Connect Provider. Documentation for certain providers is available here:\n\n- [Auth0](./docs/oidc-providers/auth0)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsandrinodimattia%2Fserverless-jwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fsandrinodimattia%2Fserverless-jwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fsandrinodimattia%2Fserverless-jwt/lists"}