Generate Key Pairs

Franklin Templeton's authentication method involves users hosting public keys on a public URL, allowing Franklin's authentication server to verify user API requests using these keys. This design was selected to give users independent control of their own keys, rotation policies, and key management.

Download generateKeys.mjs or copy the following into a text editor and save it as generateKeys.mjs:

import { generateKeyPair, randomUUID } from 'node:crypto';

// Generate an ECDSA P-256 key pair with both halves exported as JWK objects.
function generateEcdsaP256Jwk() {
  return new Promise((resolve, reject) => {
    generateKeyPair('ec', {
      namedCurve: 'P-256',
      publicKeyEncoding: { format: 'jwk' },
      privateKeyEncoding: { format: 'jwk' },
    }, (err, publicKey, privateKey) => {
      if (err) {
        reject(err);
        return;
      }
      resolve({ publicKey, privateKey });
    });
  });
}

async function main() {
  try {
    // Tag both halves with the same key ID and creation time (seconds since epoch).
    const kid = randomUUID();
    const iat = Math.floor(Date.now() / 1000);
    const keyPair = await generateEcdsaP256Jwk();
    const publicKey = { ...keyPair.publicKey, kid, iat };
    const privateKey = { ...keyPair.privateKey, kid, iat };

    console.log("PUBLIC KEY (JWK):");
    console.log(JSON.stringify(publicKey, null, 2));
    console.log("\nPRIVATE KEY (JWK) - Store Securely and NEVER share publicly:");
    console.log(JSON.stringify(privateKey, null, 2));
  } catch (error) {
    console.error('Error generating key pair:', error);
    // Signal failure to the calling shell.
    process.exitCode = 1;
  }
}

main();

Then run the script. The example command below works on both Mac and PC:

node generateKeys.mjs

*Note: The keys generated are different from any public and private keys used in Web 3 or blockchain wallets, and are purely for Franklin Templeton to verify your future API requests.
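
Because the script prints both JWKs with the same kid and iat, the two are easy to mix up when copying the document to the public URL. The check below is an added example, not part of Franklin Templeton's documentation or tooling: it rejects a JWK that carries private members or is not a valid P-256 point, and builds the publishable document by allow-listing members. The function names (lintPublicJwk, toPublicJwk) are hypothetical and the sample key is constructed.

```javascript
// Added example: lint a JWK before hosting it on the public key URL.
// Member names follow the generateKeys.mjs output; function names are hypothetical.
const P = 0xffffffff00000001000000000000000000000000ffffffffffffffffffffffffn; // P-256 field prime
const B = 0x5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604bn; // P-256 curve constant b
const PRIVATE_FIELDS = ['d', 'p', 'q', 'dp', 'dq', 'qi', 'oth', 'k']; // RFC 7518 private/secret members
const PUBLIC_FIELDS = ['kty', 'crv', 'x', 'y', 'kid', 'iat'];

// Decode a base64url coordinate; P-256 coordinates are 32 bytes (43 characters unpadded).
function coord(value) {
  if (typeof value !== 'string' || !/^[A-Za-z0-9_-]{43}$/.test(value)) return null;
  return BigInt('0x' + Buffer.from(value, 'base64url').toString('hex'));
}

// Return a list of problems; an empty list means the JWK is fit to publish.
function lintPublicJwk(jwk) {
  const problems = [];
  for (const f of PRIVATE_FIELDS) if (f in jwk) problems.push(`private member "${f}" present`);
  if (jwk.kty !== 'EC' || jwk.crv !== 'P-256') problems.push('not an EC P-256 key');
  if (typeof jwk.kid !== 'string' || jwk.kid === '') problems.push('missing kid');
  const x = coord(jwk.x), y = coord(jwk.y);
  if (x === null || y === null || x >= P || y >= P) problems.push('malformed coordinate');
  else if ((y * y - (x * x * x - 3n * x + B)) % P !== 0n) problems.push('point not on P-256');
  return problems;
}

// Build the publishable document from either half of the pair by allow-listing members.
function toPublicJwk(jwk) {
  return Object.fromEntries(PUBLIC_FIELDS.filter((f) => f in jwk).map((f) => [f, jwk[f]]));
}

// Constructed sample: the P-256 base point, i.e. the key pair for private scalar 1 (never use it).
const hexToB64u = (hex) => Buffer.from(hex, 'hex').toString('base64url');
const samplePrivateJwk = {
  kty: 'EC', crv: 'P-256',
  x: hexToB64u('6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296'),
  y: hexToB64u('4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5'),
  d: hexToB64u('00'.repeat(31) + '01'),
  kid: '00000000-0000-4000-8000-000000000000', iat: 1700000000,
};
console.log(lintPublicJwk(samplePrivateJwk));              // flags the private member
console.log(lintPublicJwk(toPublicJwk(samplePrivateJwk))); // no problems
```

Running the same lint against the document fetched back from the public URL confirms that what is actually being served is the public half.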