Skip to content

A TypeScript Issuer for the Privacy Pass Authentication Protocol

License

Notifications You must be signed in to change notification settings

cloudflare/privacypass-issuer

Repository files navigation

privacypass-issuer

Privacy Pass Issuer (Draft 16) within Cloudflare Workers. Keys are stored in R2.

Key rotation is manual by calling POST /admin/rotate.

Deploy

npm run deploy:production

Token type

Support:

  • Public-Verifiable tokens (Blind-RSA)

Authentication

All endpoints are public by default. Authentication should be a second layer. Internally, Cloudflare uses Access to protect /admin and /token-request endpoints.

Test token issuance

One can test token issuance locally using npm run test:e2e -- <issuer-name> target. If the issuer uses mTLS (Mutual TLS), you can use npm run test:e2e -- --cert <path> --key <path> <issuer-name>.

License

The project is licensed under the Apache-2.0 License.