{"id":13508449,"url":"https://github.com/garyf/json_web_token_ex","last_synced_at":"2026-02-19T20:31:33.005Z","repository":{"id":35496006,"uuid":"39765614","full_name":"garyf/json_web_token_ex","owner":"garyf","description":"An Elixir implementation of the JSON Web Token (JWT) Standard, RFC 7519","archived":false,"fork":false,"pushed_at":"2021-10-06T12:48:09.000Z","size":62,"stargazers_count":144,"open_issues_count":11,"forks_count":51,"subscribers_count":5,"default_branch":"master","last_synced_at":"2025-10-26T19:59:04.405Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Elixir","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/garyf.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-07-27T09:17:24.000Z","updated_at":"2025-03-14T09:11:07.000Z","dependencies_parsed_at":"2022-09-26T17:50:54.955Z","dependency_job_id":null,"html_url":"https://github.com/garyf/json_web_token_ex","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/garyf/json_web_token_ex","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garyf%2Fjson_web_token_ex","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garyf%2Fjson_web_token_ex/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garyf%2Fjson_web_token_ex/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garyf%2Fjson_web_token_ex/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/garyf","download_url":"https://codeload.github.com/garyf/json_web_token_ex/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/garyf%2Fjson_web_token_ex/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29630829,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-19T18:02:07.722Z","status":"ssl_error","status_checked_at":"2026-02-19T18:01:46.144Z","response_time":117,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-01T02:00:53.170Z","updated_at":"2026-02-19T20:31:32.987Z","avatar_url":"https://github.com/garyf.png","language":"Elixir","funding_links":[],"categories":["JSON","Libraries"],"sub_categories":["Elixir"],"readme":"# JSON Web Token [![travis][ci_img]][travis] [![hex docs][hd_img]][hex_docs]\n\n## A JSON Web Token (JWT) implementation for Elixir\n\n### Description\nAn Elixir implementation of the JSON Web Token (JWT) standard [RFC 7519][rfc7519]\n\n### Philosophy \u0026 design goals\n* Minimal API surface area\n* Clear separation and conformance to underlying standards\n  - JSON Web Signature (JWS) Standards Track [RFC 7515][rfc7515]\n  - JSON Web Algorithms (JWA) Standards Track [RFC 7518][rfc7518]\n* Thorough test coverage\n* Modularity for comprehension and extensibility\n* Fail fast and hard, with maximally strict validation\n  - Inspired by [The Harmful Consequences of Postel's Maxim][thomson-postel]\n* Implement only the REQUIRED elements of the JWT standard (initially)\n\n## Usage\n\nAdd JsonWebToken as a dependency in your `mix.exs` file:\n\n```elixir\ndefp deps do\n  [{:json_web_token, \"~\u003e 0.2\"}]\nend\n```\n\n### JsonWebToken.sign(claims, options)\n\nReturns a JSON Web Token string\n\n`claims` (required) string or map\n\n`options` (required) map\n\n* **alg** (optional, default: `\"HS256\"`)\n* **key** (required unless alg is \"none\")\n\nInclude any JWS JOSE header parameters ([RFC 7515][rfc7515]) in the options map\n\nExample\n\n```elixir\n\n# sign with default algorithm, HMAC SHA256\njwt = JsonWebToken.sign(%{foo: \"bar\"}, %{key: \"gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C\"})\n\n# sign with RSA SHA256 algorithm\nprivate_key = JsonWebToken.Algorithm.RsaUtil.private_key(\"path/to/\", \"key.pem\")\nopts = %{\n  alg: \"RS256\",\n  key: private_key\n}\n\njwt = JsonWebToken.sign(%{foo: \"bar\"}, opts)\n\n# unsecured token (algorithm is \"none\")\njwt = JsonWebToken.sign(%{foo: \"bar\"}, %{alg: \"none\"})\n\n```\n\n### JsonWebToken.verify(jwt, options)\n\nReturns a tuple, either:\n* \\{:ok, claims\\}, a JWT claims set map, if the Message Authentication Code (MAC), or signature, is verified\n* \\{:error, \"invalid\"\\}, otherwise\n\n`\"jwt\"` (required) is a JSON web token string\n\n`options` (required) map\n\n* **alg** (optional, default: `\"HS256\"`)\n* **key** (required unless alg is \"none\")\n\nExample\n\n```elixir\n\nsecure_jwt_example = \"eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt.cGxlLmNvbS9pc19yb290Ijp0cnVlfQ.dBjftJeZ4CVP-mB92K27uhbUJU1p1r_wW1gFWFOEjXk\"\n\n# verify with default algorithm, HMAC SHA256\n{:ok, claims} = JsonWebToken.verify(secure_jwt_example, %{key: \"gZH75aKtMN3Yj0iPS4hcgUuTwjAzZr9C\"})\n\n# verify with RSA SHA256 algorithm\nopts = %{\n  alg: \"RS256\",\n  key: \u003c RSA public key \u003e\n}\n\n{:ok, claims} = JsonWebToken.verify(jwt, opts)\n\n# unsecured token (algorithm is \"none\")\nunsecured_jwt_example = \"eyJ0eXAiOiJKV1QiLA0KICJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJqb2UiLA0KICJleHAiOjEzMDA4MTkzODAsDQogImh0dHA6Ly9leGFt.\"\n\n{:ok, claims} = JsonWebToken.verify(unsecured_jwt_example, %{alg: \"none\"})\n\n```\n\n### Supported encryption algorithms\n\nalg Param Value | Digital Signature or MAC Algorithm\n------|------\nHS256 | HMAC using SHA-256 per [RFC 2104][rfc2104]\nHS384 | HMAC using SHA-384\nHS512 | HMAC using SHA-512\nRS256 | RSASSA-PKCS-v1_5 using SHA-256 per [RFC3447][rfc3447]\nRS384 | RSASSA-PKCS-v1_5 using SHA-384\nRS512 | RSASSA-PKCS-v1_5 using SHA-512\nES256 | ECDSA using P-256 and SHA-256 per [DSS][dss]\nES384 | ECDSA using P-384 and SHA-384\nES512 | ECDSA using P-521 and SHA-512\nnone | No digital signature or MAC performed (unsecured)\n\n### Registered claim names\n\nA companion Hex package, [JWT Claims][jwt_claims], provides support for verifying these optional, registered claim names:\n* \"**iss**\" (Issuer)\n* \"**sub**\" (Subject)\n* \"**aud**\" (Audience)\n* \"**exp**\" (Expiration Time)\n* \"**nbf**\" (Not Before)\n* \"**iat**\" (Issued At)\n* \"**jti**\" (JWT ID)\n\n### Supported Elixir versions\nElixir 1.4 and up\n\n### Limitations\nFuture implementation may include these features:\n\n- representation of a JWT as a JSON Web Encryption (JWE) [RFC 7516][rfc7516]\n- OPTIONAL nested JWTs\n\n[rfc2104]: http://tools.ietf.org/html/rfc2104\n[rfc3447]: http://tools.ietf.org/html/rfc3447\n[rfc7515]: http://tools.ietf.org/html/rfc7515\n[rfc7516]: http://tools.ietf.org/html/rfc7516\n[rfc7518]: http://tools.ietf.org/html/rfc7518\n[rfc7519]: http://tools.ietf.org/html/rfc7519\n[dss]: http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf\n\n[thomson-postel]: https://tools.ietf.org/html/draft-thomson-postel-was-wrong-00\n\n[travis]: https://travis-ci.org/garyf/json_web_token_ex\n[ci_img]: https://travis-ci.org/garyf/json_web_token_ex.svg?branch=master\n[hex_docs]: http://hexdocs.pm/json_web_token\n[hd_img]: http://img.shields.io/badge/docs-hexpm-blue.svg\n\n[jwt_claims]: https://github.com/garyf/jwt_claims_ex\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgaryf%2Fjson_web_token_ex","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgaryf%2Fjson_web_token_ex","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgaryf%2Fjson_web_token_ex/lists"}