{"id":20417534,"url":"https://github.com/tm9657/jwk-store","last_synced_at":"2026-04-23T03:32:25.672Z","repository":{"id":196084800,"uuid":"694313593","full_name":"TM9657/jwk-store","owner":"TM9657","description":"The JWK Store is a flexible solution that allows you to provide your services with custom JSON Web Keys (JWK). It enables clients to request a JWK from the server, which can be associated with a password. If no JWK is found for the given ID, a new one will be generated.","archived":false,"fork":false,"pushed_at":"2023-09-23T13:02:14.000Z","size":13,"stargazers_count":2,"open_issues_count":0,"forks_count":1,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-03-05T03:45:41.444Z","etag":null,"topics":["cloudflare","jwk","jwks","microservice","serverless","service","worker"],"latest_commit_sha":null,"homepage":"https://tm9657.de","language":"TypeScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/TM9657.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2023-09-20T18:43:10.000Z","updated_at":"2023-10-04T23:50:19.000Z","dependencies_parsed_at":"2023-09-21T08:58:00.133Z","dependency_job_id":"e7e26df3-f549-4192-b297-88cffac59c44","html_url":"https://github.com/TM9657/jwk-store","commit_stats":null,"previous_names":["tm9657/jwk-store"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/TM9657/jwk-store","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TM9657%2Fjwk-store","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TM9657%2Fjwk-store/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TM9657%2Fjwk-store/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TM9657%2Fjwk-store/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/TM9657","download_url":"https://codeload.github.com/TM9657/jwk-store/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/TM9657%2Fjwk-store/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32164960,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-23T02:19:40.750Z","status":"ssl_error","status_checked_at":"2026-04-23T02:17:55.737Z","response_time":53,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudflare","jwk","jwks","microservice","serverless","service","worker"],"created_at":"2024-11-15T06:26:27.327Z","updated_at":"2026-04-23T03:32:25.646Z","avatar_url":"https://github.com/TM9657.png","language":"TypeScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003ca href=\"https://tm9657.de?ref=github\"\u003e\u003cp align=\"center\"\u003e\u003cimg width=250 src=\"https://cdn.tm9657.de/tm9657/images/jwk-store.png\" /\u003e\u003c/p\u003e\u003c/a\u003e\n\u003cp align=\"center\"\u003e\n    \u003ca href=\"https://tm9657.de\"\u003e\u003cimg src=\"https://img.shields.io/badge/website-more_from_us-C0222C.svg?style=flat\u0026logo=PWA\"\u003e \u003c/a\u003e\n\t  \u003ca href=\"https://discord.ca9.io\"\u003e\u003cimg src=\"https://img.shields.io/discord/673169081704120334?label=discord\u0026style=flat\u0026color=5a66f6\u0026logo=Discord\"\u003e\u003c/a\u003e\n\t  \u003ca href=\"https://twitter.com/tm9657\"\u003e\u003cimg src=\"https://img.shields.io/badge/twitter-follow_us-1d9bf0.svg?style=flat\u0026logo=Twitter\"\u003e\u003c/a\u003e\n\t  \u003ca href=\"https://www.linkedin.com/company/tm9657/\"\u003e\u003cimg src=\"https://img.shields.io/badge/linkedin-connect-0a66c2.svg?style=flat\u0026logo=Linkedin\"\u003e\u003c/a\u003e\n    \u003ca href=\"https://merch.ca9.io\"\u003e\u003cimg src=\"https://img.shields.io/badge/merch-support_us-red.svg?style=flat\u0026logo=Spreadshirt\"\u003e\u003c/a\u003e\n\u003c/p\u003e\n\n# 🔐 JWK Store\nThe JWK Store is a flexible solution that allows you to provide your services with custom JSON Web Keys (JWK). It enables clients to request a JWK from the server, which can be associated with a password. If no JWK is found for the given ID, a new one will be generated.\n\nThe private JWK resulting from this process is encrypted using the provided password and stored in KV alongside a bcrypt hashed password. On the other hand, clients can retrieve the public JWK associated with a specific ID without needing to provide any password.\n\nClients with the password and API-Key can send a request to the server with an attached password in order to retrieve the private JWK. The server will verify if the provided password matches against the stored bcrypt hash and use it to successfully decrypt and return the private JWK.\n\nEndpoints:\n- **GET /**   - public\n- **GET /:id** - public\nFetches the public JWK.\n- **POST /secure/:id** - API Key required\nIf the ID is not used, creates a new JWK. If the JWK is already used returns the exisiting private JWK.\n- **DELETE /secure/:id** - API Key required\nRemoves the JWK.\n\n## Features\n- Flexible JWK Management\n- Easy JWK Distribution for Serverless or other horizontally scaled environments\n\n## Setup\nConfigure a KV to use with the app. Insert the ID in the wrangler.toml.\n\n\u003e - `bun install` ➡️ installs the dependencies\n\u003e - `wrangler secret put API_KEY` ➡️ set an API-Key. Remember this key as it has to be used to create new JWK or fetch the private keys of them.\n\u003e - `wrangler secret put BUCKET_PUBLIC_ADDRESS` ➡️ set an API-Key. Remember this key as it has to be used to create new JWK or fetch the private keys of them.\n\u003e - `bun run deploy` ➡️ deploys the solution to cloudflare\n\u003e - `(optional) set a custom domain in your dashboard`\n\n**Provided by TM9657 GmbH with ❤️**\n### Check out some of our products:\n- [Kwirk.io](https://kwirk.io?ref=github) (Text Editor with AI integration, privacy focus and offline support)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftm9657%2Fjwk-store","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ftm9657%2Fjwk-store","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ftm9657%2Fjwk-store/lists"}