SIWA Client Secret: npm package
@praveentcom/siwa-client-secret is an npm package designed to generate signed JWT client secrets for the Apple ID REST API, enabling secure exchange of authorization codes or refresh tokens for access tokens in Sign in with Apple integrations. Forked from an existing repository, it addresses vulnerabilities, incorporates recent enhancements, and provides a straightforward API with built-in TypeScript support.
Project date
Jan 2022
Project authors
Praveen Thirumurugan
Highlights
- Engineered a lightweight library that produces signed JSON Web Tokens (JWTs) using essential configuration parameters, including key ID, bundle ID, team ID, and private key in PEM format.
- Leveraged the jsonwebtoken package from Auth0 to ensure reliable JWT signing compliant with Apple's authentication specifications.
- Integrated TypeScript type declarations to enhance code maintainability, type safety, and developer productivity.
- Published the package on npm under the MIT license, with simple installation via npm or yarn, facilitating easy adoption in Node.js environments.