JSON Web Tokens (JWT)

JSON Web Token (JWT) is an open standard for representing passing claims securely between two parties as three concatenated base64url-encoded strings of JSON data, joined by dots (.). JWTs are used for authentication, authorization, and information exchange.

The first string is the JOSE Header, which describes the digital signature or HMAC applied to the second string. The second string is a JWS payload, which contains JSON-encoded claims which are the information to be exchanged. Finally, the third string is a JWS signature that can be used to validate that the header and payload segments were not altered.

JWT Resources

Broader Topics Related to JSON Web Tokens (JWT)


The URL-compatible form of base64 encoding

IETF Standards

Standards set by the IETF

JSON Object Signing and Encryption (JOSE)

A set of technologies used to encrypt and sign content

JavaScript Object Notation (JSON)

A simple text-based format for data exchange based on a subset of JavaScript, defined by RFC 7159

JSON Web Signatures (JWS)

A method to represent content secured with digital signatures or MACs using JSON, defined by RFC 7515

JSON Web Tokens (JWT) Knowledge Graph