Akamai Auth Token Generator

1.0.7 · abandoned · verified Wed Apr 22

This JavaScript library, currently at version 1.0.7, provides a utility for generating Akamai authentication tokens within Node.js environments. Published over six years ago, it appears to be unmaintained, with no discernible release cadence or active development. It offers basic token generation with configurable algorithms (e.g., SHA256), access control lists (`acl`), token window durations, and a private key. Its primary differentiation lies in its direct, minimal approach to Akamai token creation, bypassing more comprehensive Akamai SDKs. However, the lack of recent updates, community support, and explicit security patching makes it a high-risk dependency for production systems, potentially leading to compatibility issues with newer Node.js versions or security vulnerabilities over time.

Common errors

```
TypeError: Akamai is not a constructor
```
cause Attempting to instantiate the module directly (e.g., `new Akamai(...)`) without accessing the `default` export when using CommonJS, or using a named import for a default export in ESM.

fix For CommonJS, use `const Akamai = require('akamai-auth-token').default;`. For ES Modules, use `import Akamai from 'akamai-auth-token';`.
```
ReferenceError: Akamai is not defined
```
cause The `Akamai` class was not correctly imported or is out of scope. This often happens if the import statement is missing or incorrect.

fix Ensure `import Akamai from 'akamai-auth-token';` or `const Akamai = require('akamai-auth-token').default;` is at the top of your file and correctly spelled.

Warnings

gotcha The `akamai-auth-token` package is unmaintained, with its last update over six years ago. Using an abandoned library, especially one involved in authentication, introduces significant risks for security vulnerabilities, compatibility issues with newer Node.js versions, and lack of support for evolving Akamai API requirements or best practices. Consider more actively maintained alternatives or official Akamai SDKs.
Fix: Migrate to actively maintained Akamai authentication solutions or implement token generation logic tailored to current Akamai specifications, potentially using official SDKs in other languages or community-supported Node.js alternatives like `@danitt/akamai-auth-token` (a fork of this package).
gotcha The package uses a CommonJS `module.exports.default` pattern. When used with ES Modules (`import`), it relies on Node.js's CJS-ESM interop, meaning `import Akamai from 'akamai-auth-token';` is the correct way, not named imports (`import { Akamai } from 'akamai-auth-token';`). This can lead to `TypeError: Akamai is not a constructor` if imported incorrectly.
Fix: Always use `import Akamai from 'akamai-auth-token';` for ESM or `const Akamai = require('akamai-auth-token').default;` for CommonJS.
gotcha This library only supports 'Auth Token 2.0 Verification' (also known as Token Auth 1.0 or 'Classic Tokens') which Akamai has superseded with more secure and feature-rich 'Token Authentication' (often referred to as 'Enhanced token workflow' or 'Hybrid Tokens'). The older 'Classic tokens' are less secure and may have been revoked or have limited support.
Fix: Evaluate Akamai's current recommendations for token authentication (e.g., Token Auth 2.0 or Enhanced Token Workflow) and implement solutions that align with the latest security standards. Consult Akamai documentation for the most up-to-date token generation methods.
gotcha The library lacks explicit support for advanced token configurations, such as `session ID`, `payload`, `url param` specific handling, or `escapeEarly` options that are present in official Akamai token generator libraries in other languages.
Fix: Manually implement these features if required or switch to an Akamai-provided or actively maintained library that supports these advanced options.

Install

npm install akamai-auth-token npm
yarn add akamai-auth-token yarn
pnpm add akamai-auth-token pnpm

Imports

Akamai
wrong:
```
import { Akamai } from 'akamai-auth-token';
```
correct:
```
import Akamai from 'akamai-auth-token';
```
This package is a CommonJS module with a default export. For ES Modules, Node.js's CJS-ESM interop allows `import Akamai from 'akamai-auth-token';`.
Akamai
wrong:
```
const Akamai = require('akamai-auth-token');
```
correct:
```
const Akamai = require('akamai-auth-token').default;
```
In CommonJS, the constructor is exposed via the `.default` property due to the way it's exported.
Akamai (destructured CJS)
```
const { default: Akamai } = require('akamai-auth-token');
```
An alternative CommonJS destructuring pattern to access the default export.

Quickstart

This code snippet demonstrates how to import the `Akamai` class and generate a basic Akamai authentication token with a configured key and ACL.

import Akamai from 'akamai-auth-token';

const config = {
    algorithm: 'SHA256',
    acl: '/*',
    window: 6000, // Token valid for 6000 seconds (100 minutes)
    key: process.env.AKAMAI_PRIVATE_KEY ?? 'myPrivateKey',
    encoding: false // Set to true if your Akamai configuration requires URL encoding
};

// Ensure you have a private key set in your environment variables or replace 'myPrivateKey'
if (config.key === 'myPrivateKey') {
    console.warn('WARNING: Using a default private key. Please set AKAMAI_PRIVATE_KEY environment variable for production.');
}

try {
    const akamai = new Akamai(config);
    const token = akamai.generateToken();
    console.log('Generated Akamai Token:', token);
} catch (error) {
    console.error('Error generating token:', error.message);
}

view raw JSON →