JWT
The JWT provider signs and verifies Bearer tokens.
JWT provider configuration
These settings are required/optional when you select JWT as the provider.
| Field | Type | Required | Default | Notes |
|---|---|---|---|---|
secret | string | ✅ Yes | — | Secret key used for signing/verifying JWTs. Keep it in environment variables. |
defaultOptions.expiresIn | string | number | ❌ No | "365d" | Token lifetime. Recommended to use string values supported by ms (e.g. "15m", "7d"). |
defaultOptions.algorithm | string | ❌ No | "HS256" | JWT signing algorithm. |
Module usage example
Below is a minimal example showing how to register AuthModule with the JWT provider.
app.module.ts
import { Module } from '@nestjs/common';
import { AuthModule, AuthProvider } from 'nestjs-auth-module';
@Module({
imports: [
AuthModule.register({
isGlobal: true,
provider: AuthProvider.JWT,
secret: process.env.AUTH_JWT_SECRET!,
defaultOptions: {
expiresIn: '15m',
algorithm: 'HS256',
},
}),
],
})
export class AppModule {}
To generate/verify/decode tokens, see Auth Service → generateAsync / verifyAsync / decodeAsync.
caution
Avoid automating large volumes of auth actions. Linked services may rate-limit or block requests if you misuse tokens.