JOSE & JSON Web Token (JWT) Examples


JSON Web Signatures (JWS) can secure content, such as text, JSON or binary data, with a digital signature (RSA, EC or EdDSA) or a Hash-based Message Authentication Code (HMAC).

Create / verify JWS examples with generic payload:

JWS example with detached and unencoded payload (RFC 7797):

JWS can also secure JSON Web Tokens (JWT):


JSON Web Encryption (JWE) provides confidentiality of content, while also ensuring its integrity. Public / private (RSA and EC) as well as symmetric encryption are supported.

Create / decrypt JWE examples:

Secure framework for processing JOSE and JWT objects

The library provides a powerful and secure framework for handling tokens and messages secured with JOSE, such as JWT-based access tokens and OpenID tokens. The framework follows the security recommendations of the JOSE working group and has been tried with a wide range of use cases.

Parsing JOSE and JWT objects

Parsing objects and tokens of a particular type (unsecured, JWS, JWE):

Parsing objects and tokens of any type (unsecured, JWS, JWE):


JSON Web Key (JWK):

X.509 certificates

Smart cards and Hardware Security Modules (HSM)