JWT Secret Generator

A simple, secure, and lightweight JWT secret key generator for Node.js applications. Generate cryptographically strong random keys perfect for signing JSON Web Tokens.

JWT Secret Generator 🔐

🚀 Features

• Cryptographically Secure: Uses Node.js crypto.randomBytes() for true randomness

• Flexible Length: Generate secrets from 128-bit to 512-bit strength

• Multiple Encodings: Support for hex, base64, and base64url encoding

• Batch Generation: Generate multiple secrets at once

• Zero Dependencies: Pure Node.js implementation

• TypeScript Ready: Includes type definitions

📦 Installation

npm install jwt-secret-generator

🔧 Usage

Basic Usage

const { generateJWTSecret } = require('jwt-secret-generator');

// Generate a 256-bit (32 bytes) secret in hex format
const secret = generateJWTSecret();
console.log(secret); // e.g., "a1b2c3d4e5f6789..."

// Generate with custom length (16 bytes = 128-bit)
const shortSecret = generateJWTSecret(16);
console.log(shortSecret);

// Generate with base64 encoding
const base64Secret = generateJWTSecret(32, 'base64');
console.log(base64Secret);

Generate by Bit Strength

const { generateJWTSecretByBits } = require('jwt-secret-generator');

// Generate 256-bit secret (recommended)
const secret256 = generateJWTSecretByBits(256);

// Generate 512-bit secret (maximum security)
const secret512 = generateJWTSecretByBits(512, 'base64');

// Supported bit strengths: 128, 256, 384, 512

Batch Generation

const { generateMultipleJWTSecrets } = require('jwt-secret-generator');

// Generate 5 secrets at once
const secrets = generateMultipleJWTSecrets(5, 32, 'hex');
console.log(secrets); // Array of 5 secret strings

Using Aliases

const jwt = require('jwt-secret-generator');

// Convenient aliases
const secret1 = jwt.generate();
const secret2 = jwt.generateByBits(256);
const secrets = jwt.generateMultiple(3);

🛡️ Security Best Practices

When using JWT secrets in production:

1. Use Strong Secrets: Always use at least 256-bit secrets for production

2. Environment Variables: Store secrets in environment variables, never in code

3. Regular Rotation: Rotate secrets periodically

4. Secure Storage: Use secure key management services in production

// ✅ Good - Environment variable
const secret = process.env.JWT_SECRET || generateJWTSecret();

// ❌ Bad - Hardcoded secret
const secret = "my-weak-secret";

📚 API Reference

generateJWTSecret(length?, encoding?)

Generate a secure JWT secret key.

• length (number, optional): Length in bytes (default: 32)

• encoding (string, optional): Output encoding - 'hex', 'base64', 'base64url' (default: 'hex')

• Returns: String - The generated secret

generateJWTSecretByBits(bits?, encoding?)

Generate a secret by bit strength.

• bits (number, optional): Bit strength - 128, 256, 384, 512 (default: 256)

• encoding (string, optional): Output encoding (default: 'hex')

• Returns: String - The generated secret

generateMultipleJWTSecrets(count?, length?, encoding?)

Generate multiple secrets at once.

• count (number, optional): Number of secrets to generate (default: 1)

• length (number, optional): Length in bytes (default: 32)

• encoding (string, optional): Output encoding (default: 'hex')

• Returns: Array - Array of generated secrets

🌟 Why Choose This Package?

• Security First: Uses cryptographically secure random number generation

• Production Ready: Battle-tested algorithms and best practices

• Developer Friendly: Simple API with sensible defaults

• Lightweight: Zero dependencies, minimal footprint

• Well Documented: Comprehensive documentation and examples

🔗 Related Resources

• 🌐 Online JWT Secret Generator: jwtsecrets.com - Generate JWT secrets online with our web tool

• 📚 Awesome JWT Resources: Awesome JWT List - Curated list of JWT libraries, tools and resources

• 📖 JWT.io: Learn more about JSON Web Tokens

• 🔒 OWASP JWT Security: Best practices for JWT security

🤝 Contributing

Contributions are welcome! Please feel free to submit a Pull Request. For major changes, please open an issue first to discuss what you would like change.

📄 License

This project is licensed under the MIT License - see the LICENSE file for details.

🙏 Acknowledgments

• Built with ❤️ for the developer community

• Inspired by the need for secure JWT implementations

• Thanks to all contributors and users

---

Need more JWT tools? Check out our comprehensive JWT toolkit and awesome JWT resources!

Readme

Keywords

• jwt

• secret

• generator

• authentication

• security

• token

• crypto

• random

• key

Package Sidebar

Install

npm i jwt-secret-generator

Repository

github.com/huang-hub/Awesome-JWT-List

Homepage

jwtsecrets.com/

Version

1.0.0

License

MIT

Unpacked Size

8.34 kB

Total Files

3

Issues

0

Pull Requests

0

Last publish

a day ago

Collaborators

• 

Try on RunKitReport malware