JavaScript Object Signing and Encryption

Read and write JSON Web Keys (JWK, rfc7517), generate and verify JSON Web Signatures (JWS, rfc7515) and encode/decode JSON Web Tokens (JWT, rfc7519). These standards provide modern signing and encryption formats that are the basis for services like OAuth 2.0 or LetsEncrypt and are natively supported by browsers via the JavaScript WebCryptoAPI.



  • jwt_encode_sig() and jwt_decode_sig() now use proper 64bit signatures as described in the spec (instead of openssl DER structures)


  • jwt_encode_hmac() and jwt_encode_sig() gain a 'header' parameter
  • Add spell checker, update maintainer email address

Reference manual

It appears you don't have a PDF plugin for this browser. You can click here to download the reference manual.


1.0 by Jeroen Ooms, 2 years ago

Report a bug at

Browse source code at

Authors: Jeroen Ooms [aut, cre]

Documentation:   PDF Manual  

MIT + file LICENSE license

Imports jsonlite

Depends on openssl

Suggests spelling, testthat, knitr, rmarkdown

Imported by AzureAuth, AzureKeyVault, ausplotsR, googleCloudRunner, polished.

Suggested by boxr, openssl.

See at CRAN