Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
executable file 99 lines (70 sloc) 2.66 KB



We are supporting NPM as a package manager. If you have NodeJS installed NPM will be very likely installed as well. Please check out the instructions about NPM installation, if not.

If NPM is installed, you can install the escher-auth npm package by:

npm install escher-auth


To load the library, add the Composer autoloader to your code:

var Escher = require('escher-auth');

The library has 3 interfaces you can call. You can sign an HTTP request, you can presign a URL and you can validate a signed HTTP request or presigned URL (with the same method).

Signing a request

Escher works by calculating a cryptographic signature of your request, and adding it (and other authentication information) to the request. Usually you will want to add the authentication information by appending extra headers to it. Let's say you want to send a signed POST request to

var escher = new Escher({
  credentialScope: 'example/credential/scope',
  accessKeyId: 'EscherExample',
  apiSecret: 'TheBeginningOfABeautifulFriendship'

var options = {
  host: '',
  port: 80,
  method: 'GET',
  url: '/validate_request',
  headers: [
    ['X-Escher-Date', (new Date).toUTCString()]

options = escher.signRequest(options, '');

http.get(options, function(resp){
  resp.on('data', function(chunk){
}).on("error", function(e){
  console.log("Got error: " + e.message);

Presigning a URL

var escher = new Escher({
  credentialScope: 'example/credential/scope',
  accessKeyId: 'EscherExample',
  apiSecret: 'TheBeginningOfABeautifulFriendship'

var presignedUrl = escher.preSignUrl('', 86400);

Validating a request

You can validate a request signed by the methods described above. For that you will need a database of the access keys and secrets of your clients. Escher accepts a function as a key database, where you can pass the client key, and it returns the client secret.

var escher = new Escher({
  credentialScope: 'example/credential/scope'

var keyDB = function(clientKey) {
  return "TheBeginningOfABeautifulFriendship";

escher.authenticate(request, keyDB);