Quickstart
Get your Authrim instance up and running in minutes.
Prerequisites
Section titled “Prerequisites”Before you begin, ensure you have:
1. Clone the Repository
Section titled “1. Clone the Repository”git clone https://github.com/sgrastar/authrim.gitcd authrim2. Install Dependencies
Section titled “2. Install Dependencies”pnpm install3. Login to Cloudflare
Section titled “3. Login to Cloudflare”wrangler login4. Run the Setup Wizard
Section titled “4. Run the Setup Wizard”Use the @authrim/setup CLI tool to automatically configure your environment:
npx @authrim/setup --cliOr launch the interactive Web UI:
npx @authrim/setupThe setup wizard will:
- Generate cryptographic keys (RSA for JWT signing)
- Create
.dev.varswith environment variables - Generate
wrangler.tomlfor local development - Set up KV namespaces for caches, configuration, and tenant runtime snapshots
- Create the deployment D1 databases (
DB,DB_PII,DB_ADMIN) - Seed runtime profiles and apply core, PII, and admin migrations
- Deploy Durable Objects from
@authrim/ar-lib-core
Setup Options
Section titled “Setup Options”| Option | Description |
|---|---|
--cli | Use CLI mode (no Web UI) |
--env <env> | Specify environment (dev, staging, prod, etc.) |
--lang ja | Use Japanese language |
5. Start Development Server
Section titled “5. Start Development Server”pnpm run devThis starts all workers in development mode. Access endpoints at http://localhost:8787.
6. Verify Your Setup
Section titled “6. Verify Your Setup”Test the discovery endpoint:
curl http://localhost:8787/.well-known/openid-configuration | jqYou should see the OpenID Connect discovery document with endpoints like:
{ "issuer": "http://localhost:8787", "authorization_endpoint": "http://localhost:8787/authorize", "token_endpoint": "http://localhost:8787/token", "userinfo_endpoint": "http://localhost:8787/userinfo", "jwks_uri": "http://localhost:8787/.well-known/jwks.json"}Test the JWKS endpoint:
curl http://localhost:8787/.well-known/jwks.json | jqQuick Test: Authorization Flow
Section titled “Quick Test: Authorization Flow”Navigate to this URL in your browser to test the authorization flow:
http://localhost:8787/authorize?response_type=code&client_id=test-client&redirect_uri=http://localhost:3000/callback&scope=openid&state=random-stateSetup Flow Summary
Section titled “Setup Flow Summary”git clone + pnpm install ↓wrangler login ↓npx @authrim/setup --cli ← Configures everything automatically ↓pnpm run devLegacy Setup (Manual)
Section titled “Legacy Setup (Manual)”For detailed customization or troubleshooting, you can use individual scripts. These are source-repository workflows; the setup CLI remains the recommended path.
# Generate keys./scripts/setup-keys.sh
# Configure local environment./scripts/setup-local-vars.sh./scripts/setup-local-wrangler.sh
# Set up cloud resources./scripts/setup-kv.sh --env=dev./scripts/setup-d1.sh --env=dev./scripts/setup-durable-objects.sh
# Optional: Configure email (for OTP authentication)./scripts/setup-resend.sh --env=localFor tenant-D1 deployments, manage generated tenant database slots through the setup CLI:
npx @authrim/setup tenant-db-pool-status --env prodnpx @authrim/setup tenant-db-pool-expand --env prod --add-slots 10npx @authrim/setup tenant-db-migrate-all --env prodNext Steps
Section titled “Next Steps”- Installation Guide - Detailed setup instructions
- OIDC Configuration - Configure OpenID Connect