We're Hiring!

Approov Integration for the NodeJS NestJS Framework


The NestJS framework for NodeJS is built on top of the Express or Fastify frameworks with TypeScript support. NestJS provides an out-of-the-box application architecture to enable developers to create code that is loosely coupled, easy to maintain, and highly testable, which scales without getting in the way.

The integration of Approov within the NestJS framework ensures that your API can only be accessed by genuine instances of your mobile app. Scripts and bots will be blocked. This is achieved by adding the Approov SDK to your mobile app. 

Implementing the Approov Token check in your NestJS framework couldn’t be easier because the token is a regular signed JWT. All you need is to use an Approov middleware to check the Approov token expiry time and verify the signature with the secret known only by your NestJS framework and the Approov cloud service. The Approov middleware is executed early in the life cycle of a request, before any auth guard, and does not conflict with any user Authentication/Authorization package.

Please follow the Quickstart guide in the repo to learn how to integrate Approov into your current NestJS framework.

If you have any questions around why or how to use Approov in your NestJS project, don’t hesitate to contact us.


Cover photo by Karen Ciocca on Unsplash

Paulo Renato

Paulo Renato is known more often than not as paranoid about security. He strongly believes that all software should be secure by default. He thinks security should be always opt-out instead of opt-in and be treated as a first class citizen in the software development cycle, instead of an after thought when the product is about to be finished or released.