JSON Web Token
From Wikipedia, the free encyclopedia
JSON-based standard for passing claims between parties in web application environments
JSON Web Token
Abbreviation: JWT
Status: Proposed Standard
First published: December 28, 2010
Latest version: RFC 7519, May 2015
Organization: IETF
Committee: IESG
Authors: Michael B. Jones (Microsoft), John Bradley (Ping Identity), Nat Sakimura (NRI)
Base standards: JSON, JSON Web Encryption (JWE), JSON Web Signature (JWS)
Domain: Data exchange
Website: datatracker.ietf.org/doc/html/rfc7519
JSON Web Token (JWT, pronounced /dʒɒt/, same as the word "jot"[1]) is a proposed Internet standard for creating data with optional signature and/or optional encryption whose payload holds JSON that asserts some number of claims. The tokens are signed either using a private secret or a public/private key.

For example, a server could generate a token that has the claim "logged in as administrator" and provide that to a client. The client could then use that token to prove that it is logged in as admin. The tokens can be signed by one party's private key (usually the server's) so that party can subsequently verify the token is legitimate. If the other party, by some suitable and trustworthy means, is in possession of the corresponding public key, they too are able to verify the token's legitimacy. The tokens are designed to be compact,[2] URL-safe,[3] and usable especially in a web-browser single-sign-on (SSO) context. JWT claims can typically be used to pass identity of authenticated users between an identity provider and a service provider, or any other type of claims as required by business processes.[4][5]

JWT relies on other JSON-based standards: JSON Web Signature and JSON Web Encryption.[1][6][7]
Structure

Header
{
  "alg": "HS256",
  "typ": "JWT"
}
Identifies which algorithm is used to generate the signature. HS256 indicates that this token is signed using HMAC-SHA256.
Typical cryptographic algorithms used are HMAC with SHA-256 (HS256) and RSA signature with SHA-256 (RS256). JWA (JSON Web Algorithms) RFC 7518 introduces many more for both authentication and encryption.[8]

Payload
{
  "loggedInAs": "admin",
  "iat": 1422779638
}
Contains a set of claims. The JWT specification defines seven Registered Claim Names which are the standard fields commonly included in tokens.[1] Custom claims are usually also included, depending on the purpose of the token.
This example has the standard Issued At Time claim (iat) and a custom claim (loggedInAs).

Signature
HMAC_SHA256(
  secret,
  base64urlEncoding(header) + '.' +
  base64urlEncoding(payload)
)
Securely validates the token. The signature is calculated by encoding the header and payload using Base64url Encoding RFC 4648 and concatenating the two together with a period separator. That string is then run through the cryptographic algorithm specified in the header, in this case HMAC-SHA256. The Base64url Encoding is similar to base64, but uses different non-alphanumeric characters and omits padding.

The three parts are encoded separately using Base64url Encoding RFC 4648, and concatenated using periods to produce the JWT:
const token = base64urlEncoding(header) + '.' + base64urlEncoding(payload) + '.' + base64urlEncoding(signature)
The above data and the secret of "secretkey" create the token:
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJsb2dnZWRJbkFzIjoiYWRtaW4iLCJpYXQiOjE0MjI3Nzk2Mzh9.gzSraSYS8EXBxLN_oWnFSRgCzcmJmMjLiuyu5CSpyHI
This resulting token can be easily passed into HTML and HTTP.[3]
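The encoding steps above, as an added example in Python using only the standard library. This is not code from the article or from any JWT library; the function names sign_hs256 and decode_unverified are chosen for this example. It builds the signing input from the same header, payload and secret shown above, applies HMAC-SHA256, and compares the result with the token quoted in the article. Note that the payload key order and the absence of whitespace in the JSON both matter, because the signature is computed over the exact encoded bytes.

```python
import base64
import hashlib
import hmac
import json
from typing import Tuple

# Header, payload and secret exactly as given in the article. Key order is kept as
# written, because the MAC covers the serialized bytes, not the logical JSON object.
HEADER = {"alg": "HS256", "typ": "JWT"}
PAYLOAD = {"loggedInAs": "admin", "iat": 1422779638}
SECRET = b"secretkey"

# Token quoted in the article for the values above.
ARTICLE_TOKEN = (
    "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9."
    "eyJsb2dnZWRJbkFzIjoiYWRtaW4iLCJpYXQiOjE0MjI3Nzk2Mzh9."
    "gzSraSYS8EXBxLN_oWnFSRgCzcmJmMjLiuyu5CSpyHI"
)


def b64url_encode(data: bytes) -> str:
    """RFC 4648 base64url with the '=' padding removed, as JWS requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    """Inverse of b64url_encode: restore the padding base64 expects, then decode."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def json_segment(obj: dict) -> str:
    """Serialize a JSON object compactly (no spaces) and base64url-encode it."""
    return b64url_encode(json.dumps(obj, separators=(",", ":")).encode("utf-8"))


def sign_hs256(header: dict, payload: dict, secret: bytes) -> str:
    """Produce header.payload.signature as the Structure section describes."""
    signing_input = json_segment(header) + "." + json_segment(payload)
    mac = hmac.new(secret, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(mac)


def decode_unverified(token: str) -> Tuple[dict, dict, bytes]:
    """Split a compact token into header, payload and raw signature bytes.

    This performs no signature check; it only shows how the three parts unpack."""
    header_seg, payload_seg, sig_seg = token.split(".")
    header = json.loads(b64url_decode(header_seg))
    payload = json.loads(b64url_decode(payload_seg))
    return header, payload, b64url_decode(sig_seg)


def reproduces_article_token() -> bool:
    """True when our signing of the article's inputs yields the article's token."""
    return sign_hs256(HEADER, PAYLOAD, SECRET) == ARTICLE_TOKEN


if __name__ == "__main__":
    token = sign_hs256(HEADER, PAYLOAD, SECRET)
    print(token)
    print("matches the token in the article:", reproduces_article_token())
    print(decode_unverified(token))
```

Running the file prints the token it produces, whether it equals the one quoted above, and the decoded three parts. The two encoded segments before the final period are independent of the secret, so they can be checked against the article by eye; only the last segment depends on "secretkey".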
Use

In authentication, when the user successfully logs in using their credentials, a JSON Web Token will be returned and must be saved locally (typically in local or session storage, but cookies can also be used), instead of the traditional approach of creating a session in the server and returning a cookie. For unattended processes the client may also authenticate directly by generating and signing its own JWT with a pre-shared secret and pass it to an OAuth compliant service like so:
POST /oauth2/token?
Content-type: application/x-www-form-urlencoded

grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer&assertion=eyJhb...
If the client passes a valid JWT assertion the server will generate an access_token valid for making calls to the application and pass it back to the client:
{
  "access_token": "eyJhb...",
  "token_type": "Bearer",
  "expires_in": 3600
}
When the client wants to access a protected route or resource, the user agent should send the JWT, typically in the Authorization header using the Bearer schema. The content of the header might look like the following:
Authorization: Bearer eyJhbGci......yu5CSpyHI
This is a stateless authentication mechanism as the user state is never saved in server memory. The server's protected routes will check for a valid JWT in the Authorization header, and if it is present, the user will be allowed to access protected resources. As JWTs are self-contained, all the necessary information is there, reducing the need to query the database multiple times.
Standard fields

Standard claim fields
The internet drafts define the following standard fields ("claims") that can be used inside a JWT claim set.

Code | Name | Description
iss | Issuer | Identifies the principal that issued the JWT.
sub | Subject | Identifies the subject of the JWT.
aud | Audience | Identifies the recipients that the JWT is intended for. Each principal intended to process the JWT must identify itself with a value in the audience claim. If the principal processing the claim does not identify itself with a value in the aud claim when this claim is present, then the JWT must be rejected.
exp | Expiration Time | Identifies the expiration time on and after which the JWT must not be accepted for processing. The value must be a NumericDate:[9] either an integer or decimal, representing seconds past 1970-01-01 00:00:00Z.
nbf | Not Before | Identifies the time on which the JWT will start to be accepted for processing. The value must be a NumericDate.
iat | Issued at | Identifies the time at which the JWT was issued. The value must be a NumericDate.
jti | JWT ID | Case-sensitive unique identifier of the token even among different issuers.

Commonly-used header fields
The following fields are commonly used in the header of a JWT.

Code | Name | Description
typ | Token type | If present, it must be set to a registered IANA Media Type.
cty | Content type | If nested signing or encryption is employed, it is recommended to set this to JWT; otherwise, omit this field.[1]
alg | Message authentication code algorithm | The issuer can freely set an algorithm to verify the signature on the token. However, some supported algorithms are insecure.[10]
kid | Key ID | A hint indicating which key the client used to generate the token signature. The server will match this value to a key on file in order to verify that the signature is valid and the token is authentic.
x5c | X.509 Certificate Chain | A certificate chain in RFC 4945 format corresponding to the private key used to generate the token signature. The server will use this information to verify that the signature is valid and the token is authentic.
x5u | X.509 Certificate Chain URL | A URL where the server can retrieve a certificate chain corresponding to the private key used to generate the token signature. The server will retrieve and use this information to verify that the signature is authentic.
crit | Critical | A list of headers that must be understood by the server in order to accept the token as valid.
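The registered-claim rules in the table above, together with the Bearer header from the Use section, as an added example in Python. It is not code from the article or from any JWT library; the names validate_registered_claims, extract_bearer_token, rejection_reason and ClaimError, and the sample claim values, are constructed for this example. It assumes the token's signature has already been verified, since claim checks are only meaningful on an authenticated claim set; the clock is injectable so that the time-based claims can be exercised deterministically.

```python
import time
from typing import Optional

# Hypothetical names chosen for this example; not from any JWT library.


class ClaimError(ValueError):
    """Raised when a registered claim fails validation."""


def extract_bearer_token(authorization: Optional[str]) -> str:
    """Pull the compact token out of an 'Authorization: Bearer <token>' header value."""
    if not authorization:
        raise ClaimError("missing Authorization header")
    scheme, _, token = authorization.strip().partition(" ")
    token = token.strip()
    if scheme.lower() != "bearer" or not token:
        raise ClaimError("expected 'Bearer <token>'")
    return token


def _numeric_date(claims: dict, name: str) -> Optional[float]:
    """NumericDate: seconds since 1970-01-01T00:00:00Z, integer or decimal."""
    value = claims.get(name)
    if value is None:
        return None
    if isinstance(value, bool) or not isinstance(value, (int, float)):
        raise ClaimError(f"{name} must be a NumericDate, got {value!r}")
    return float(value)


def validate_registered_claims(claims: dict, *, expected_issuer: str, my_audience: str,
                               now: Optional[float] = None, leeway: float = 0.0) -> dict:
    """Apply the table's rules to an already signature-verified claim set.

    Returns the claims on success and raises ClaimError otherwise. `leeway` (seconds)
    absorbs small clock skew between issuer and verifier."""
    now = time.time() if now is None else now

    # iss: only accept tokens from the issuer whose key we verified against.
    if claims.get("iss") != expected_issuer:
        raise ClaimError(f"untrusted issuer {claims.get('iss')!r}")

    # aud: when present, this service must appear in it (string or list of strings).
    if "aud" in claims:
        aud = claims["aud"]
        audiences = [aud] if isinstance(aud, str) else list(aud)
        if my_audience not in audiences:
            raise ClaimError("token not intended for this audience")

    # exp: reject on and after the expiration time.
    exp = _numeric_date(claims, "exp")
    if exp is not None and now >= exp + leeway:
        raise ClaimError("token expired")

    # nbf: reject before the not-before time.
    nbf = _numeric_date(claims, "nbf")
    if nbf is not None and now < nbf - leeway:
        raise ClaimError("token not yet valid")

    # iat: a token issued in the future points at a broken or hostile issuer clock.
    iat = _numeric_date(claims, "iat")
    if iat is not None and iat > now + leeway:
        raise ClaimError("token issued in the future")

    return claims


def rejection_reason(claims: dict, **kwargs) -> Optional[str]:
    """None if the claim set is accepted, otherwise the reason it was rejected."""
    try:
        validate_registered_claims(claims, **kwargs)
    except ClaimError as exc:
        return str(exc)
    return None


# Constructed sample claim set, as it would look after decoding the payload segment
# of a signature-verified token. All values are made up for this example.
SAMPLE_CLAIMS = {
    "iss": "https://issuer.example",
    "sub": "user-42",
    "aud": ["api.example", "other.example"],
    "iat": 1700000000,
    "nbf": 1700000000,
    "exp": 1700003600,
    "jti": "8f1c2e",
}

if __name__ == "__main__":
    print(extract_bearer_token("Bearer eyJhbGci......yu5CSpyHI"))
    common = dict(expected_issuer="https://issuer.example", my_audience="api.example")
    for clock in (1700001800, 1700003600, 1699999000):
        print(clock, rejection_reason(SAMPLE_CLAIMS, now=clock, **common))
```

The main block shows the same claim set accepted in the middle of its validity window, rejected exactly at its exp value (the table says "on and after"), and rejected before its nbf value. A verifier that skips the aud check will accept tokens minted for a different service by the same issuer, which is why the audience check is not optional here when the claim is present.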
Implementations

JWT implementations exist for many languages and frameworks, including but not limited to:
.NET (C#, VB.Net, etc.)[11]
C[12]
Clojure[13]
Common Lisp[14]
Dart[15]
Elixir[16]
Erlang
Go[17]
Haskell[18]
Java[19]
JavaScript[20]
Lua[21]
Node.js[22]
OCaml[23]
Perl[24]
PHP[25]
PL/SQL[26]
PowerShell[27]
Python[28]
Racket[29]
Raku[30]
Ruby[31]
Rust[32][33]
Scala[34]
Swift[35]
Vulnerabilities

JSON web tokens may contain session state. But if project requirements allow session invalidation before JWT expiration, services can no longer trust token assertions by the token alone. To validate that the session stored in the token is not revoked, token assertions must be checked against a data store. This renders the tokens no longer stateless, undermining the primary advantage of JWTs.[36]

Security consultant Tim McLean reported vulnerabilities in some JWT libraries that used the alg field to incorrectly validate tokens, most commonly by accepting an alg=none token. While these vulnerabilities were patched, McLean suggested deprecating the alg field altogether to prevent similar implementation confusion.[10] Even so, new alg=none vulnerabilities are still being found in the wild, with four CVEs filed in the 2018-2021 period having this cause.[37]

With proper design, developers can address algorithm vulnerabilities by taking precautions:[38][39]
Never let the JWT header alone drive verification
Know the algorithms (avoid depending on the alg field alone)
Use an appropriate key size
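The header-driven verification problem and the three precautions above, as an added example in Python (not code from the article, from McLean's post, or from any library; verify_trusting_header, verify_pinned, make_hs256_token and the constructed key are example names). The first verifier reproduces the bug class McLean described, where the token's own alg header selects how it is checked, so that the second verifier, which pins the algorithm, compares in constant time and enforces the HS256 minimum key size from RFC 7518, can be seen rejecting the same unsigned input. The unsigned alg=none token is the negative fixture a verifier's test suite keeps.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed key for this example (at least 32 bytes); a real one comes from a secret store.
SECRET = b"constructed-example-key-at-least-32-bytes!"


def _b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _b64url_decode(segment: str) -> bytes:
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def _hs256(signing_input: bytes, key: bytes) -> bytes:
    return hmac.new(key, signing_input, hashlib.sha256).digest()


def make_hs256_token(payload: dict, key: bytes) -> str:
    """Issue a properly signed HS256 token (the honest path, for the positive case)."""
    header = _b64url_encode(b'{"alg":"HS256","typ":"JWT"}')
    body = _b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    return f"{header}.{body}." + _b64url_encode(_hs256(f"{header}.{body}".encode("ascii"), key))


def unsigned_none_token(payload: dict) -> str:
    """Negative test fixture: the payload in an alg=none envelope with an empty signature."""
    header = _b64url_encode(b'{"alg":"none","typ":"JWT"}')
    body = _b64url_encode(json.dumps(payload, separators=(",", ":")).encode())
    return f"{header}.{body}."


def verify_trusting_header(token: str, key: bytes) -> Optional[dict]:
    """VULNERABLE pattern: the token's header decides how the token is checked.

    With alg=none the signature check is skipped entirely, so any payload passes.
    Shown only so the hardened version below can be contrasted with it."""
    h, p, s = token.split(".")
    header = json.loads(_b64url_decode(h))
    payload = json.loads(_b64url_decode(p))
    if header.get("alg") == "none":
        return payload                       # no signature verified at all
    if header.get("alg") == "HS256":
        expected = _hs256(f"{h}.{p}".encode("ascii"), key)
        return payload if hmac.compare_digest(expected, _b64url_decode(s)) else None
    return None


def verify_pinned(token: str, key: bytes, expected_alg: str = "HS256") -> Optional[dict]:
    """HARDENED: the verifier, not the token, fixes the algorithm.

    The header's alg must merely agree with the pinned value; anything else (none,
    RS256, a typo) is rejected before any cryptography runs. Returns the claims or None."""
    if expected_alg != "HS256":
        raise ValueError("this example pins HS256 only")
    if len(key) < 32:                        # 256-bit minimum for HS256 (RFC 7518 §3.2)
        raise ValueError("HS256 key must be at least 32 bytes")
    parts = token.split(".")
    if len(parts) != 3:
        return None
    h, p, s = parts
    try:
        header = json.loads(_b64url_decode(h))
        sig = _b64url_decode(s)
    except ValueError:                       # covers bad base64 and bad JSON
        return None
    if not isinstance(header, dict) or header.get("alg") != expected_alg:
        return None
    expected = _hs256(f"{h}.{p}".encode("ascii"), key)
    if not hmac.compare_digest(expected, sig):
        return None
    return json.loads(_b64url_decode(p))


if __name__ == "__main__":
    good = make_hs256_token({"sub": "alice"}, SECRET)
    unsigned = unsigned_none_token({"sub": "alice", "role": "admin"})
    print("pinned accepts signed token:      ", verify_pinned(good, SECRET) is not None)
    print("header-trusting accepts unsigned:  ", verify_trusting_header(unsigned, SECRET) is not None)
    print("pinned accepts unsigned:           ", verify_pinned(unsigned, SECRET) is not None)
```

The pinned verifier also refuses to start with a key shorter than the hash output, which is the "appropriate key size" precaution in concrete form: a short HS256 secret is the one part of the design an attacker can brute-force offline from a single captured token.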
See also

Access token
References

1. ^ a b c d Jones, Michael B.; Bradley, John; Sakimura, Nat (May 2015). JSON Web Token (JWT). IETF. doi:10.17487/RFC7519. ISSN 2070-1721. RFC 7519.
2. ^ Nickel, Jochen (2016). Mastering Identity and Access Management with Microsoft Azure. p. 84. ISBN 9781785887888. Retrieved July 20, 2018.
3. ^ a b "JWT.IO - JSON Web Tokens Introduction". jwt.io. Retrieved July 20, 2018.
4. ^ Sevilleja, Chris. "The Anatomy of a JSON Web Token". Retrieved May 8, 2015.
5. ^ "Atlassian Connect Documentation". developer.atlassian.com. Retrieved May 8, 2015.
6. ^ "draft-ietf-jose-json-web-signature-41 - JSON Web Signature (JWS)". tools.ietf.org. Retrieved May 8, 2015.
7. ^ "draft-ietf-jose-json-web-encryption-40 - JSON Web Encryption (JWE)". tools.ietf.org. Retrieved May 8, 2015.
8. ^ "draft-ietf-jose-json-web-algorithms-40 - JSON Web Algorithms (JWA)". tools.ietf.org. Retrieved May 8, 2015.
9. ^ Jones, Michael B.; Bradley, John; Sakimura, Nat (May 2015). ""exp" (Expiration Time) Claim". JSON Web Token (JWT). IETF. sec. 4.1.4. doi:10.17487/RFC7519. ISSN 2070-1721. RFC 7519.
10. ^ a b McLean, Tim (March 31, 2015). "Critical vulnerabilities in JSON Web Token libraries". Auth0. Retrieved March 29, 2016.
11. ^ jwt-dotnet on github.com
12. ^ libjwt on github.com
13. ^ "liquidz/clj-jwt". GitHub. Retrieved May 7, 2018.
14. ^ cljwt on github.com
15. ^ [1] on github.com
16. ^ "bryanjos/joken". GitHub. Retrieved May 7, 2018.
17. ^ "golang-jwt/jwt". GitHub. Retrieved January 8, 2018.
18. ^ "jwt: JSON Web Token (JWT) decoding and encoding". Hackage. Retrieved May 7, 2018.
19. ^ auth0/java-jwt on github.com
20. ^ "kjur/jsrsasign". GitHub. Retrieved May 7, 2018.
21. ^ "SkyLothar/lua-resty-jwt". GitHub. Retrieved May 7, 2018.
22. ^ "jsonwebtoken". npm. Retrieved May 7, 2018.
23. ^ ocaml-jwt on github.com
24. ^ Crypt::JWT on cpan.org
25. ^ lcobucci/jwt on github.com
26. ^ Egan, Morten (February 7, 2019), GitHub - morten-egan/jwt_ninja: PLSQL Implementation of JSON Web Tokens., retrieved March 14, 2019
27. ^ "SP3269/posh-jwt". GitHub. Retrieved August 1, 2018.
28. ^ "jpadilla/pyjwt". GitHub. Retrieved March 21, 2017.
29. ^ net-jwt on pkgs.racket-lang.org
30. ^ JSON-WebToken on github.com
31. ^ ruby-jwt on github.com
32. ^ jsonwebtoken on github.com
33. ^ rust-jwt on github.com
34. ^ jwt-scala on github.com
35. ^ [2] on github.com
36. ^ Slootweg, Sven. "Stop using JWT for sessions". joepie91 Ramblings. Retrieved August 1, 2018.
37. ^ "CVE - Search Results". cve.mitre.org.
38. ^ "Common JWT security vulnerabilities and how to avoid them". Retrieved May 14, 2018.
39. ^ Andreas, Happe. "JWT: Signature vs MAC attacks". snikt.net. Retrieved May 27, 2019.
External links

RFC 7519
jwt.io – specialized website about JWT with tools and documentation, maintained by Auth0
Spring Boot JWT Auth – Integrating JWT authentication with Spring framework
JWT Security – JWT Security e-Book PDF (Polish language)
Why do we need JWT in the modern web - a detailed article on the topic with some historical considerations
How To install JWT Auth in laravel - Article with installation steps of JWT Auth
Retrieved from "https://en.wikipedia.org/w/index.php?title=JSON_Web_Token&oldid=1061040598"