
JWS

Sahil Kapoor's Playbook May 12, 2026

JSON Web Signature (JWS) is the cryptographic signing mechanism behind JWT. It defines how to produce and verify a signature over a JSON payload, using either symmetric (HMAC) or asymmetric (RSA, EC, EdDSA) keys.

How it works

A compact JWS has three Base64URL-encoded sections joined by dots: protected_header.payload.signature. The protected header declares the algorithm (alg) and optionally a key ID (kid). The signature is computed over the ASCII bytes of base64url(header) + "." + base64url(payload) using the declared algorithm; Base64URL here means the URL-safe alphabet with no padding.

Verifiers parse the header, look up or derive the matching key (often via JWK), and verify the signature. Because the header is untrusted input until the signature has been checked, the verifier, not the token, must decide which algorithms and keys are acceptable. The payload is encoded, not encrypted; anyone with the token can read it.
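The sign-and-verify round trip described above, as an added example that is not part of the original post. It uses only the Python standard library with a constructed HS256 secret, and the verifier pins the algorithm instead of honoring the header's alg, so both a tampered payload and an alg "none" token are rejected.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed demo secret; a real deployment loads this from a secret store.
SECRET = b"constructed-demo-secret-32-bytes-long!!"


def b64url(data: bytes) -> str:
    # Base64URL without padding, as RFC 7515 requires.
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(s: str) -> bytes:
    # Re-add the padding stripped by b64url before decoding.
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def sign_hs256(payload: dict, key: bytes, kid: str = "demo-key") -> str:
    """Produce a compact JWS: base64url(header).base64url(payload).base64url(sig)."""
    header = {"alg": "HS256", "typ": "JWT", "kid": kid}
    signing_input = (
        b64url(json.dumps(header, separators=(",", ":")).encode("utf-8"))
        + "."
        + b64url(json.dumps(payload, separators=(",", ":")).encode("utf-8"))
    )
    sig = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url(sig)


def verify_hs256(token: str, key: bytes) -> Optional[dict]:
    """Return the payload if the token carries a valid HS256 signature, else None."""
    try:
        h_b64, p_b64, s_b64 = token.split(".")
        header = json.loads(b64url_decode(h_b64))
    except (ValueError, json.JSONDecodeError):
        return None
    # Verifier policy pins the algorithm; the header's alg is never trusted.
    # This is what rejects "none" and any algorithm the key was not issued for.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return None
    # Recompute the MAC over the exact bytes that were signed.
    expected = hmac.new(key, f"{h_b64}.{p_b64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, b64url_decode(s_b64)):
        return None
    return json.loads(b64url_decode(p_b64))
```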

Common algorithms

  • HS256, HS384, HS512: HMAC with SHA-2, shared secret
  • RS256, RS384, RS512: RSA signature, asymmetric
  • ES256, ES384, ES512: ECDSA, asymmetric, smaller signatures
  • EdDSA: Edwards-curve signatures (Ed25519)
  • none: no signature; must be rejected at validation

Specification

Defined by RFC 7515.


Related terms: JWT, JWE, OAuth 2.0, OIDC, Bearer Token.
