Complete KeypointJS Documentation
A Modern, Multi-Protocol Authentication & Authorization Framework for Node.js
KeypointJS evolves from an HTTP-focused library into a complete multi-protocol API gateway and security framework.
- Multi-Protocol Support: HTTP/HTTPS, WebSocket, gRPC in one framework
- Unified Authentication: Same keypoints work across all protocols
- Protocol Engines: Extensible architecture for custom protocols
- Enterprise Security: TLS/SSL awareness, trusted proxies, protocol validation
- Zero Dependencies: Core functionality implemented natively
npm install keypointjs
# or
yarn add keypointjs
# or
pnpm add keypointjs
# specific version
npm install keypointjs@1.2.2Node.js >= 18 is required.
import { KeypointJS } from 'keypointjs';
const app = new KeypointJS();
app.get('/', (ctx) => ctx.json({ message: 'Hello World!' }));
app.listen(3000);const app = new KeypointJS({
enableWebSocket: true,
enableGrpc: true,
enableHttp2: true,
trustedProxies: ['192.168.1.0/24']
});
app.get('/api/data', (ctx) => {
return ctx.json({ protocol: ctx.protocol, data: 'Hello!' });
});
app.listen(3000);const app = new KeypointJS({ requireKeypoint: true });
await app.createKeypoint({
keyId: 'client_123',
secret: 'secure_secret',
scopes: ['api:read', 'api:write'],
protocols: ['https', 'wss', 'grpc+tls']
});
app.get('/api/secure', (ctx) => {
if (!ctx.hasScope('api:read')) {
return ctx.status(403).json({ error: 'Insufficient scope' });
}
return ctx.json({ data: 'Protected data' });
});โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
โ KeypointJS v1.2.2 โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ HTTP Engine | WebSocket Engine | gRPC โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโค
โ Protocol Adapter & Unified Auth Layer โ
โ Cross-Protocol Policies & Plugins โ
โโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโโ
Layer 0 Pre-processing Hooks
Layer 1 Protocol Engine (Detection & Parsing)
Layer 2 CORS & Transport Guards
Layer 3 Keypoint Authentication
Layer 4 Authorization & Policy Engine
Layer 5 Plugin Processing
Layer 6 Route Execution
Layer 7 Response Normalization
core/ Protocol engines & adapters
keypoint/ Identity, scopes, validation
policy/ Policy rules & engine
plugins/ Built-in and custom plugins
const app = new KeypointJS({
requireKeypoint: true,
strictMode: true,
enableWebSocket: true,
enableGrpc: false,
enableHttp2: true,
trustedProxies: ['192.168.1.0/24', '10.0.0.0/8'],
validateProtocol: true,
maxRequestSize: '10mb'
});- HTTP/1.1, HTTP/2 (experimental)
- TLS metadata extraction
- Trusted proxy validation
const ws = app.enableWebSocket({ path: '/ws', requireKeypoint: true });
ws.onConnection(conn => console.log(conn.keypointId));- gRPC over HTTP/2
- Streaming & unary calls
- Metadata-based authentication
app.registerProtocolEngine('mqtt', {
detect: req => req.headers['protocol'] === 'mqtt',
parse: async req => ({ topic: req.topic, payload: req.payload }),
validate: async ctx => true
});- Protocol-bound identity
- Scope-based authorization
- Optional IP, origin, and rate limits
app.defineScope('admin', 'Administrative access');
app.scopeManager.addInheritance('admin', ['users:read', 'users:write']);Built-in rules:
- Method
- IP range
- Origin
- Time window
- Rate limit
Custom policy:
app.addPolicy('premium', async (ctx) => {
return ctx.getKeypointMetadata().tier === 'premium';
});Plugins hook into the request lifecycle.
class CustomPlugin {
async process(ctx, next) {
await next(ctx);
}
}- app.listen()
- app.get(), post(), put(), delete()
- app.createKeypoint(), revokeKeypoint()
- app.enableProtocol(), registerProtocolEngine()
- app.addPolicy(), registerPlugin()
app.getStats();
app.healthCheck();- Real-time chat (WebSocket)
- API Gateway routing
- Compliance-ready (HIPAA-style) APIs
- Disable protocol validation for local testing
- Reduce payload limits for memory pressure
- Enable debug middleware for tracing
- HTTP/3 (QUIC)
- MQTT & SSE support
- GraphQL transport
- Cloud-native deployment presets
- Fork the repo
- Create feature branch
- Add tests
- Open Pull Request
Apache-2.0
KeypointJS v1.2.2 โ Your multi-protocol API gateway for the modern web