Products » Nimbus JOSE + JWT »

JOSE & JSON Web Token (JWT) Examples

Signatures

JSON Web Signatures (JWS) can secure content, such as text, JSON or binary data, with a digital signature (RSA, EC or EdDSA) or a Hash-based Message Authentication Code (HMAC).

Create / verify JWS examples with generic payload:

JWS example with detached and unencoded payload (RFC 7797):

JWS with unencoded payload

JWS can also secure JSON Web Tokens (JWT):

JWT with HMAC protection
JWT with RSA signature
JWT with EC signature
JWT with ES256K signature (secp256k), used in Bitcoin and Ethereum
JWT with EdDSA / Ed25519 signature (RFC 8037)

JWS with Android PIN or biometric prompt to unlock the private key for signing:

JWS with user authentication required

Encryption

JSON Web Encryption (JWE) provides confidentiality of content, while also ensuring its integrity. Public / private (RSA and EC) as well as symmetric encryption are supported.

Create / decrypt JWE examples:

Secure framework for processing JOSE and JWT objects

The library provides a powerful and secure framework for handling tokens and messages secured with JOSE, such as JWT-based access tokens and OpenID tokens. The framework follows the security recommendations of the JOSE working group and has been tried with a wide range of use cases.

Validating JWT access tokens

Parsing JOSE and JWT objects

Parsing objects and tokens of a particular type (unsecured, JWS, JWE):

Simple JOSE object / JWT parsing

Parsing objects and tokens of any type (unsecured, JWS, JWE):

Keys

JSON Web Key (JWK):

X.509 certificates

Smart cards and Hardware Security Modules (HSM)

Signing a JWT with a smart card or HSM

JOSE & JSON Web Token (JWT) Examples

Signatures

Encryption

Secure framework for processing JOSE and JWT objects

Parsing JOSE and JWT objects

Keys

X.509 certificates

Smart cards and Hardware Security Modules (HSM)

Nimbus JOSE + JWT

Contact

Navigation

PRODUCTS

OPEN SOURCE

LEARN

PRODUCTS

OPEN SOURCE

LEARN