Quickstart

Get your Authrim instance up and running in minutes.

Prerequisites

Before you begin, ensure you have:

• Node.js >= 22.0.0 (Download)
• pnpm >= 9.0.0 (Install)
• Git (Download)
• Cloudflare account (Sign up)

1. Clone the Repository

git clone https://github.com/sgrastar/authrim.git
cd authrim

2. Install Dependencies

pnpm install

3. Login to Cloudflare

wrangler login

4. Generate Keys

./scripts/setup-keys.sh

This generates:

• .keys/private.pem - Private key for JWT signing
• .keys/public.jwk.json - Public key in JWK format
• .keys/metadata.json - Key metadata including Key ID

5. Configure Local Environment

# Create .dev.vars with environment variables
./scripts/setup-local-vars.sh

# Generate wrangler.toml for local development
./scripts/setup-local-wrangler.sh

6. Set Up Cloud Resources

# Create KV namespaces (automatically initializes default settings)
./scripts/setup-kv.sh --env=dev

# Create D1 database
./scripts/setup-d1.sh

# Deploy Durable Objects
./scripts/setup-durable-objects.sh

7. Start Development Server

pnpm run dev

This starts all workers in development mode. Access endpoints at http://localhost:8787.

8. Verify Your Setup

Test the discovery endpoint:

curl http://localhost:8787/.well-known/openid-configuration | jq

You should see the OpenID Connect discovery document with endpoints like:

{
  "issuer": "http://localhost:8787",
  "authorization_endpoint": "http://localhost:8787/authorize",
  "token_endpoint": "http://localhost:8787/token",
  "userinfo_endpoint": "http://localhost:8787/userinfo",
  "jwks_uri": "http://localhost:8787/.well-known/jwks.json"
}

Test the JWKS endpoint:

curl http://localhost:8787/.well-known/jwks.json | jq

Quick Test: Authorization Flow

Navigate to this URL in your browser to test the authorization flow:

http://localhost:8787/authorize?response_type=code&client_id=test-client&redirect_uri=http://localhost:3000/callback&scope=openid&state=random-state

Setup Flow Summary

setup-keys.sh
    ↓
setup-local-vars.sh
    ↓
setup-local-wrangler.sh
    ↓
setup-kv.sh --env=dev  ← Automatically initializes settings
    ↓
setup-d1.sh + setup-durable-objects.sh
    ↓
setup-resend.sh --env=local (optional, for email)
    ↓
pnpm run dev

Next Steps

• Installation Guide - Detailed setup instructions
• OIDC Configuration - Configure OpenID Connect
• Deployment Guide - Deploy to production