# JWT Secret Generator ### JWT Secret Generator 🔐 [![npm version](https://camo.githubusercontent.com/64204440c1cff1954c387bf6373a69454c73d2f1b6afa2c445f23cd02ce269a6/68747470733a2f2f62616467652e667572792e696f2f6a732f6a77742d7365637265742d67656e657261746f722e737667)](https://badge.fury.io/js/jwt-secret-generator) [![License: MIT](https://camo.githubusercontent.com/6cd0120cc4c5ac11d28b2c60f76033b52db98dac641de3b2644bb054b449d60c/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d79656c6c6f772e737667)](https://opensource.org/licenses/MIT) [![Node.js Version](https://camo.githubusercontent.com/0482f67d6194a8be245c7aa54a9d3c2281687214ac844dd14e0885878885dec9/68747470733a2f2f696d672e736869656c64732e696f2f6e6f64652f762f6a77742d7365637265742d67656e657261746f722e737667)](https://nodejs.org/) ### 🚀 Features * **Cryptographically Secure**: Uses Node.js `crypto.randomBytes()` for true randomness * **Flexible Length**: Generate secrets from 128-bit to 512-bit strength * **Multiple Encodings**: Support for hex, base64, and base64url encoding * **Batch Generation**: Generate multiple secrets at once * **Zero Dependencies**: Pure Node.js implementation * **TypeScript Ready**: Includes type definitions ### 📦 Installation ``` npm install jwt-secret-generator ``` ### 🔧 Usage #### Basic Usage ``` const { generateJWTSecret } = require('jwt-secret-generator'); // Generate a 256-bit (32 bytes) secret in hex format const secret = generateJWTSecret(); console.log(secret); // e.g., "a1b2c3d4e5f6789..." // Generate with custom length (16 bytes = 128-bit) const shortSecret = generateJWTSecret(16); console.log(shortSecret); // Generate with base64 encoding const base64Secret = generateJWTSecret(32, 'base64'); console.log(base64Secret); ``` #### Generate by Bit Strength ``` const { generateJWTSecretByBits } = require('jwt-secret-generator'); // Generate 256-bit secret (recommended) const secret256 = generateJWTSecretByBits(256); // Generate 512-bit secret (maximum security) const secret512 = generateJWTSecretByBits(512, 'base64'); // Supported bit strengths: 128, 256, 384, 512 ``` #### Batch Generation ``` const { generateMultipleJWTSecrets } = require('jwt-secret-generator'); // Generate 5 secrets at once const secrets = generateMultipleJWTSecrets(5, 32, 'hex'); console.log(secrets); // Array of 5 secret strings ``` #### Using Aliases ``` const jwt = require('jwt-secret-generator'); // Convenient aliases const secret1 = jwt.generate(); const secret2 = jwt.generateByBits(256); const secrets = jwt.generateMultiple(3); ``` ### 🛡️ Security Best Practices When using[ JWT secrets ](https://jwtsecrets.com/)in production: 1. **Use Strong Secrets**: Always use at least 256-bit secrets for production 2. **Environment Variables**: Store secrets in environment variables, never in code 3. **Regular Rotation**: Rotate secrets periodically 4. **Secure Storage**: Use secure key management services in production ``` // ✅ Good - Environment variable const secret = process.env.JWT_SECRET || generateJWTSecret(); // ❌ Bad - Hardcoded secret const secret = "my-weak-secret"; ``` ### 📚 API Reference #### `generateJWTSecret(length?, encoding?)` Generate a secure [JWT secret key.](https://jwtsecrets.com/) * **length** (number, optional): Length in bytes (default: 32) * **encoding** (string, optional): Output encoding - 'hex', 'base64', 'base64url' (default: 'hex') * **Returns**: String - The generated secret #### `generateJWTSecretByBits(bits?, encoding?)` Generate a secret by bit strength. * **bits** (number, optional): Bit strength - 128, 256, 384, 512 (default: 256) * **encoding** (string, optional): Output encoding (default: 'hex') * **Returns**: String - The generated secret #### `generateMultipleJWTSecrets(count?, length?, encoding?)` Generate multiple secrets at once. * **count** (number, optional): Number of secrets to generate (default: 1) * **length** (number, optional): Length in bytes (default: 32) * **encoding** (string, optional): Output encoding (default: 'hex') * **Returns**: Array - Array of generated secrets ### 🌟 Why Choose This Package? * **Security First**: Uses cryptographically secure random number generation * **Production Ready**: Battle-tested algorithms and best practices * **Developer Friendly**: Simple API with sensible defaults * **Lightweight**: Zero dependencies, minimal footprint * **Well Documented**: Comprehensive documentation and examples ### 🔗 Related Resources * **🌐 Online JWT Secret Generator**: [jwtsecrets.com](http://jwtsecrets.com/) - Generate JWT secrets online with our web tool * **📚 Awesome JWT Resources**: [Awesome JWT List](https://github.com/huang-hub/Awesome-JWT-List) - Curated list of JWT libraries, tools and resources * **📖 JWT.io**: Learn more about JSON Web Tokens * **🔒 OWASP JWT Security**: Best practices for JWT security ### 🤝 Contributing Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like change. ### 📄 License This project is licensed under the MIT License - see the [LICENSE](https://github.com/huang-hub/Awesome-JWT-List/blob/HEAD/LICENSE) file for details. ### 🙏 Acknowledgments * Built with ❤️ for the developer community * Inspired by the need for secure JWT implementations * Thanks to all contributors and users *** **Need more JWT tools?** Check out our [comprehensive JWT toolkit](http://jwtsecrets.com/) and [awesome JWT resources](https://github.com/huang-hub/Awesome-JWT-List)! ### Readme #### Keywords * [jwt](https://www.npmjs.com/search?q=keywords:jwt) * [secret](https://www.npmjs.com/search?q=keywords:secret) * [generator](https://www.npmjs.com/search?q=keywords:generator) * [authentication](https://www.npmjs.com/search?q=keywords:authentication) * [security](https://www.npmjs.com/search?q=keywords:security) * [token](https://www.npmjs.com/search?q=keywords:token) * [crypto](https://www.npmjs.com/search?q=keywords:crypto) * [random](https://www.npmjs.com/search?q=keywords:random) * [key](https://www.npmjs.com/search?q=keywords:key) ### Package Sidebar #### Install `npm i jwt-secret-generator` #### Repository [github.com/huang-hub/Awesome-JWT-List](https://github.com/huang-hub/Awesome-JWT-List) #### Homepage [jwtsecrets.com/](http://jwtsecrets.com/) #### Version 1.0.0 #### License MIT #### Unpacked Size 8.34 kB #### Total Files 3 #### Issues [0](https://github.com/huang-hub/Awesome-JWT-List/issues) #### Pull Requests [0](https://github.com/huang-hub/Awesome-JWT-List/pulls) #### Last publish a day ago #### Collaborators * [![girff](https://www.npmjs.com/npm-avatar/eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdmF0YXJVUkwiOiJodHRwczovL3MuZ3JhdmF0YXIuY29tL2F2YXRhci83MjNkNjA5MzFkMTkxNzM5OWFjMjJmMmZhNTMwMDBhMz9zaXplPTEwMCZkZWZhdWx0PXJldHJvIn0.lWpVnzZBfZtYCqPo2l0SAHofbkedgD4MgRs735eSPos)](https://www.npmjs.com/~girff) Try on RunKitReport malware --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://jwtsecrets.gitbook.io/jwtsecrets/jwt-secret-generator.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.