JSON Web Signature (JWS)

JSON Web Signature (JWS) is a compact format for representing content secured with digital signatures or Message Authentication Codes (MACs) using JSON data structures and base64url encoding.[1][2] It consists of three parts: a JWS Header describing the cryptographic operation, a JWS Payload…

Key facts

First appeared
2011
Category
technology
Problem solved
JWS solved the need for a compact, JSON-based method to digitally sign arbitrary content for transmission in space-constrained environments like HTTP Authorization headers and URI parameters, providing integrity via signatures or MACs where binary formats like CMS were too verbose and XMLDSig too heavyweight for web/REST APIs.[1][2]
Platforms
Any platform with JSON and crypto libraries (JavaScript, Java, Python, Go, etc.)

Related technologies

Notable users

  • Auth0
  • Google
  • Okta
  • Ping Identity
  • Microsoft