# JWT Secret Generator
### JWT Secret Generator 🔐
[](https://badge.fury.io/js/jwt-secret-generator) [](https://opensource.org/licenses/MIT) [](https://nodejs.org/)
### 🚀 Features
* **Cryptographically Secure**: Uses Node.js `crypto.randomBytes()` for true randomness
* **Flexible Length**: Generate secrets from 128-bit to 512-bit strength
* **Multiple Encodings**: Support for hex, base64, and base64url encoding
* **Batch Generation**: Generate multiple secrets at once
* **Zero Dependencies**: Pure Node.js implementation
* **TypeScript Ready**: Includes type definitions
### 📦 Installation
```
npm install jwt-secret-generator
```
### 🔧 Usage
#### Basic Usage
```
const { generateJWTSecret } = require('jwt-secret-generator');
// Generate a 256-bit (32 bytes) secret in hex format
const secret = generateJWTSecret();
console.log(secret); // e.g., "a1b2c3d4e5f6789..."
// Generate with custom length (16 bytes = 128-bit)
const shortSecret = generateJWTSecret(16);
console.log(shortSecret);
// Generate with base64 encoding
const base64Secret = generateJWTSecret(32, 'base64');
console.log(base64Secret);
```
#### Generate by Bit Strength
```
const { generateJWTSecretByBits } = require('jwt-secret-generator');
// Generate 256-bit secret (recommended)
const secret256 = generateJWTSecretByBits(256);
// Generate 512-bit secret (maximum security)
const secret512 = generateJWTSecretByBits(512, 'base64');
// Supported bit strengths: 128, 256, 384, 512
```
#### Batch Generation
```
const { generateMultipleJWTSecrets } = require('jwt-secret-generator');
// Generate 5 secrets at once
const secrets = generateMultipleJWTSecrets(5, 32, 'hex');
console.log(secrets); // Array of 5 secret strings
```
#### Using Aliases
```
const jwt = require('jwt-secret-generator');
// Convenient aliases
const secret1 = jwt.generate();
const secret2 = jwt.generateByBits(256);
const secrets = jwt.generateMultiple(3);
```
### 🛡️ Security Best Practices
When using[ JWT secrets ](https://jwtsecrets.com/)in production:
1. **Use Strong Secrets**: Always use at least 256-bit secrets for production
2. **Environment Variables**: Store secrets in environment variables, never in code
3. **Regular Rotation**: Rotate secrets periodically
4. **Secure Storage**: Use secure key management services in production
```
// ✅ Good - Environment variable
const secret = process.env.JWT_SECRET || generateJWTSecret();
// ❌ Bad - Hardcoded secret
const secret = "my-weak-secret";
```
### 📚 API Reference
#### `generateJWTSecret(length?, encoding?)`
Generate a secure [JWT secret key.](https://jwtsecrets.com/)
* **length** (number, optional): Length in bytes (default: 32)
* **encoding** (string, optional): Output encoding - 'hex', 'base64', 'base64url' (default: 'hex')
* **Returns**: String - The generated secret
#### `generateJWTSecretByBits(bits?, encoding?)`
Generate a secret by bit strength.
* **bits** (number, optional): Bit strength - 128, 256, 384, 512 (default: 256)
* **encoding** (string, optional): Output encoding (default: 'hex')
* **Returns**: String - The generated secret
#### `generateMultipleJWTSecrets(count?, length?, encoding?)`
Generate multiple secrets at once.
* **count** (number, optional): Number of secrets to generate (default: 1)
* **length** (number, optional): Length in bytes (default: 32)
* **encoding** (string, optional): Output encoding (default: 'hex')
* **Returns**: Array - Array of generated secrets
### 🌟 Why Choose This Package?
* **Security First**: Uses cryptographically secure random number generation
* **Production Ready**: Battle-tested algorithms and best practices
* **Developer Friendly**: Simple API with sensible defaults
* **Lightweight**: Zero dependencies, minimal footprint
* **Well Documented**: Comprehensive documentation and examples
### 🔗 Related Resources
* **🌐 Online JWT Secret Generator**: [jwtsecrets.com](http://jwtsecrets.com/) - Generate JWT secrets online with our web tool
* **📚 Awesome JWT Resources**: [Awesome JWT List](https://github.com/huang-hub/Awesome-JWT-List) - Curated list of JWT libraries, tools and resources
* **📖 JWT.io**: Learn more about JSON Web Tokens
* **🔒 OWASP JWT Security**: Best practices for JWT security
### 🤝 Contributing
Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like change.
### 📄 License
This project is licensed under the MIT License - see the [LICENSE](https://github.com/huang-hub/Awesome-JWT-List/blob/HEAD/LICENSE) file for details.
### 🙏 Acknowledgments
* Built with ❤️ for the developer community
* Inspired by the need for secure JWT implementations
* Thanks to all contributors and users
***
**Need more JWT tools?** Check out our [comprehensive JWT toolkit](http://jwtsecrets.com/) and [awesome JWT resources](https://github.com/huang-hub/Awesome-JWT-List)!
### Readme
#### Keywords
* [jwt](https://www.npmjs.com/search?q=keywords:jwt)
* [secret](https://www.npmjs.com/search?q=keywords:secret)
* [generator](https://www.npmjs.com/search?q=keywords:generator)
* [authentication](https://www.npmjs.com/search?q=keywords:authentication)
* [security](https://www.npmjs.com/search?q=keywords:security)
* [token](https://www.npmjs.com/search?q=keywords:token)
* [crypto](https://www.npmjs.com/search?q=keywords:crypto)
* [random](https://www.npmjs.com/search?q=keywords:random)
* [key](https://www.npmjs.com/search?q=keywords:key)
### Package Sidebar
#### Install
`npm i jwt-secret-generator`
#### Repository
[github.com/huang-hub/Awesome-JWT-List](https://github.com/huang-hub/Awesome-JWT-List)
#### Homepage
[jwtsecrets.com/](http://jwtsecrets.com/)
#### Version
1.0.0
#### License
MIT
#### Unpacked Size
8.34 kB
#### Total Files
3
#### Issues
[0](https://github.com/huang-hub/Awesome-JWT-List/issues)
#### Pull Requests
[0](https://github.com/huang-hub/Awesome-JWT-List/pulls)
#### Last publish
a day ago
#### Collaborators
* [](https://www.npmjs.com/~girff)
Try on RunKitReport malware