AWS KMS adapter for golang-jwt/jwt-go library

This library provides an AWS KMS (Key Management Service) adapter to be used with the popular Go JWT library golang-jwt/jwt-go.

It signs a JWT using an asymmetric key stored in AWS KMS.

Verification can be done either with the KMS Verify method or locally with a cached public key (the default).

The minimum supported Go version is 1.20, since github.com/aws/aws-sdk-go-v2 v1.28.0 fails to build with anything older.

Supported key types

| Signature Algorithm | JWT alg | Note |
|---|---|---|
| ECC_NIST_P256 | ES256 | |
| ECC_NIST_P384 | ES384 | |
| ECC_NIST_P521 | ES512 | |
| ECC_SECG_P256K1 | - | secp256k1 is not supported by JWT |
| RSASSA_PKCS1_V1_5_SHA_256 | RS256 | |
| RSASSA_PKCS1_V1_5_SHA_384 | RS384 | |
| RSASSA_PKCS1_V1_5_SHA_512 | RS512 | |
| RSASSA_PSS_SHA_256 | PS256 | |
| RSASSA_PSS_SHA_384 | PS384 | |
| RSASSA_PSS_SHA_512 | PS512 | |
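
What signing with KMS and verifying locally with a cached public key involve for the ECC_NIST_P256 / ES256 pairing, as an added standard-library example that is not this library's code or API: KMS returns ECDSA signatures DER-encoded, while JWS requires fixed-width R||S, so an adapter has to re-encode them. The names derToJOSE, verifyES256 and demo are hypothetical, and a locally generated P-256 key stands in for the KMS key.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/asn1"
	"encoding/base64"
	"fmt"
	"math/big"
	"strings"
)

// derToJOSE turns a DER ECDSA signature (as KMS Sign returns) into JWS R||S, size bytes each.
func derToJOSE(der []byte, size int) ([]byte, error) {
	var sig struct{ R, S *big.Int }
	rest, err := asn1.Unmarshal(der, &sig)
	if err != nil || len(rest) != 0 || sig.R.Sign() <= 0 || sig.S.Sign() <= 0 || sig.R.BitLen() > 8*size || sig.S.BitLen() > 8*size {
		return nil, fmt.Errorf("malformed or out-of-range DER signature")
	}
	return append(sig.R.FillBytes(make([]byte, size)), sig.S.FillBytes(make([]byte, size))...), nil
}

// verifyES256 verifies locally with a cached key; the token's own alg header is never trusted.
func verifyES256(token string, key *ecdsa.PublicKey) bool {
	i := strings.LastIndexByte(token, '.')
	sig, err := base64.RawURLEncoding.DecodeString(token[i+1:])
	if i < 0 || err != nil || len(sig) != 64 || key == nil || key.Curve != elliptic.P256() {
		return false
	}
	digest := sha256.Sum256([]byte(token[:i]))
	return ecdsa.Verify(key, digest[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:]))
}

// demo signs with a local P-256 key standing in for KMS ECC_NIST_P256 (constructed sample).
func demo() (string, *ecdsa.PublicKey, error) {
	priv, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	enc := base64.RawURLEncoding.EncodeToString
	input := enc([]byte(`{"alg":"ES256","typ":"JWT"}`)) + "." + enc([]byte(`{"sub":"demo"}`))
	digest := sha256.Sum256([]byte(input))
	der, _ := ecdsa.SignASN1(rand.Reader, priv, digest[:])
	sig, err := derToJOSE(der, 32)
	return input + "." + enc(sig), &priv.PublicKey, err
}

func main() {
	token, pub, err := demo()
	fmt.Println(token, verifyES256(token, pub), err)
}
```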

Usage example

See example.go

Special thanks

Shouting out to: