Authentication

JWT Configuration

Deep dive into JWT configuration options in Charcole - customize tokens, security settings, and authentication behavior.

Understanding JWT in Charcole

JSON Web Tokens (JWT) are the backbone of Charcole's authentication system. Unlike traditional session-based auth, JWT tokens are stateless, self-contained, and scalable — perfect for modern API development.

Charcole's JWT implementation isn't just a wrapper around a library. It's a thoughtfully designed system that balances security, performance, and developer experience.

Environment-Based Configuration

Charcole uses environment variables for JWT configuration, making it easy to have different settings for development, testing, and production.

# Required - Your secret key (change this in production!)
JWT_SECRET=your-super-secret-key-change-in-production

Just generate your strong JWT token with

# Generate a strong secret
node -e "console.log(require('crypto').randomBytes(64).toString('hex'))"

and paste the token to JWT_SECRET env variable.

After that, you're good to go. Just run;

npm run dev

And your server will start running with the authentication module, you can test the auth apis as well.

Edit this pageorReport an issue

Authentication Setup

Learn how to enable and configure JWT authentication in your Charcole project with optional module installation.