SuperTokens is an open source authentication solution offering features like: Different types of login: Email / password, Passwordless (OTP or Magic link based).

SuperTokens.com

Is there an easier way to get PEM for JWT, I am writing a middleware for my requests, and from the docs I need to make a get request to my backend at `auth/jwt/jwk.json` but I am calling this from my backend, so do I have to send a request to localhost? Also, do these keys rotate, do I need to refetch them on every request or can I store them for later use?

```
import jwkToPem from 'jwk-to-pem';
import axios from 'axios';
import { exit } from 'process';

async function fetchJWK(): Promise<any> {
    try {
        const response = await axios.get(`http://localhost/auth/jwt/jwks.json`);
        if (response.data.keys.length === 0) {
            console.error('No JWK found');
            exit(1);
        }
        return response.data.keys[0];
    } catch (error) {
        console.error('Error fetching JWK:', error);
        throw error;
    }
}

const jwk = await fetchJWK();
const certString = jwkToPem(jwk);

process.env.JWKCERT = certString;
console.log('CERT String:', certString);
```

The jwks endpoint is exposed by the same api service which has integrated with our backend SDK.

So you will need to call that. Also, these keys don’t rotate

I would suggest that you use a JWT verification lib instead. That lib also takes care of caching.