JWT signing (JWS) and verification, with first class JWK and JWK Set (JWKS) support.
Supports almost all JWS algorithms:
- HS256, HS384, HS512
- ES256, ES384, ES512, ES256K
- RS256, RS384, RS512
- PS256, PS384, PS512
nbf validations. (Other validations will not be supported,
because they are mostly application specific and can be easily implemented by
Supports converting public/private keys to/from PEM/JWK. Supports working with
generic keys (where the algorithm is determined at runtime), i.e.
Uses good old openssl for crypto.
examples folder for some examples.
- JWK and JWK Set.
- JWT Claims.
- JWT header.
- JWT header and claims.
- An RSA, EC or Ed25519 private key.
- An RSA, EC or Ed25519 public.
- Decode token.
- Encode and sign this header and claims with the signing key.
- Decode and verify token.
- Decode and verify token, but do not check