What is the possible character set for the jsonwebtoken nodejs library?


I see a lot of folks using the following for a private key when using the jsonwebtoken library:

const hexStr = require('crypto').randomBytes(64).toString('hex') 

But this returns a character set of only 0-9 and a-f. Not a good practice it seems.

jwt.sign({ name: kennedy }, hexStr); 

However this approach is seeming a much better, more secure approach as now we’re using the full character set as binary data:

jwt.sign({ name: kennedy }, Buffer.from(hexStr, 'hex').toString()) 

Thoughts on this? Is the second approach a better one? I’m just looking for affirmation (or not!) that I’m doing it correctly.