https://github.com/natlibfi/passport-keycloak-js
Passport strategy for Keycloak JWT
https://github.com/natlibfi/passport-keycloak-js
Last synced: 9 months ago
JSON representation
Passport strategy for Keycloak JWT
- Host: GitHub
- URL: https://github.com/natlibfi/passport-keycloak-js
- Owner: NatLibFi
- License: mit
- Created: 2023-05-24T13:23:09.000Z (about 3 years ago)
- Default Branch: main
- Last Pushed: 2025-09-29T05:12:30.000Z (9 months ago)
- Last Synced: 2025-09-29T05:23:53.688Z (9 months ago)
- Language: JavaScript
- Size: 674 KB
- Stars: 1
- Watchers: 5
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
- Codeowners: .github/CODEOWNERS
Awesome Lists containing this project
README
# Passport strategy for Keycloak JWT
Passport strategy for Keycloak JWT. This module has the following features:
- Written in modern day Javascript/ECMAscript
- Supports HTTP Bearer authentication using Keycloak JWT as bearer tokens
- Verifies token locally (i.e. does not use network calls to introspect endpoint, public keys are fetched from jwks endpoint and cached after first use)
## Strategies
This module provides the following Passport strategies.
### Bearer
HTTP Bearer authentication works by using the token generated after signing in to Keycloak for gaining access to the defined resources.
Does **not** allow configuration for ignoring token expiration.
### Usage
#### ES modules
```javascript
import {KeycloakStrategy} from '@natlibfi/passport-keycloak'
```
### Configuration
Configuration of the strategy needs to be passed to the class constructor as object.
- **algorithms (required):** Algorithm for decoding jwt
- **audience (required):** Audience of jwt
- **issuer (required):** Issuer of jwt
- **jwksUrl (required):** JWKS url to fetch public keys from
## License and copyright
Copyright (c) 2023-2024 **University Of Helsinki (The National Library Of Finland)**
This project's source code is licensed under the terms of **MIT license**