SD JWT
Node.js
Web
React Native
What is SD JWT?
"Selective Disclosure for JWT" offers a cutting-edge approach to handling JSON Web Tokens (JWT) in a way that enhances user privacy and data security. In today's digital landscape, the demand for efficient yet secure data transmission is paramount. This project addresses that need by enabling selective disclosure of JWT claims, ensuring that only necessary information is shared.
This is the reference implmentation of IETF SD-JWT specification written in TypeScript. It aims to provide a production-ready, robust and secure way to handle JWTs with selective disclosure capabilities. Easily integrate JWT authentication into your Node.js, web, and React Native projects.
> See the details > Try it Online
What is SD-JWT VC?
SD-JWT VC describes data formats as well as validation and processing rules to express Verifiable Credentials with JSON payloads with and without selective disclosure based on the SD-JWT. You can check the details in IETF SD-JWT VC specification
Note: We are provide both SD-JWT and SD-JWT VC. The library can be used to create sd-jwt based credentials. To be compliant with the `sd-jwt-vc` standard, you can use the `@sd-jwt/sd-jwt-vc` that is implementing this spec.
Specification Compliance
- SD-JWT: draft-ietf-oauth-selective-disclosure-jwt-08
- SD-JWT VC: draft-ietf-oauth-sd-jwt-vc-03
Installation
$ npm install @sd-jwt/sd-jwt-vc
Architecture & Core Concept
SD JWT is a TypeScript library that provides a simple, yet powerful API for working with SD JWT. It is designed to be easy to use and flexible, allowing you to issue, present, and verify SD JWT credentials with ease.
Key Features
- Framework Agnostic: Universally compatible with various JavaScript frameworks. Easily integrates with React, React Native, and others without significant code alterations.
- Data Minimization and Efficiency: Minimizes JWT payload size for efficient QR code generation, ensuring scannability.
- Modular Design: Features a modular architecture for easy integration of selective disclosure capabilities, updates, and maintenance.
- Security-First: Adheres to security best practices, ensuring data integrity and secure token handling.
- Scalability and Performance: Efficient and performant under various loads, suitable for small to large-scale applications.