JWT Framework
Search…
JWT Framework
v2.x
Introduction
Introduction
Provided Features
Pre-requisite
Continous Integration
Contributing
The Easy Way
The "Easy" Way
The Components
Algorithm Management (JWA)
Key (JWK) and Key Set (JWKSet)
Header Checker
Claim Checker
Signed Tokens (JWS)
Encrypted Tokens (JWE)
The Symfony Bundle
Symfony Bundle
Algorithm Management
Key and Key Set Management
Header and Claim Checker Management
Signed Tokens
Encrypted Tokens
Configuration Helper
Events
Profiling/Debugging
Console Command
Console
Standalone Application
PHAR Application
Symfony Console
Advanced Topics
Security Recommendations
Nested Tokens
Serialization
Custom Algorithm
Signed tokens and
Encrypted tokens and
Unprotected Headers
Multiple Recipients
Additional Authentication Data (AAD)
Benchmark
How To
Result table
Migration
Migration
Powered By GitBook
Unprotected Headers
As well as the signed tokens, the encrypted tokens also have unprotected header. But with one difference: there are two unprotected headers:
  • Shared unprotected header applicable to all recipients.
  • Per-recipient unprotected header.
With the example below, we will create an encrypted token for two recipient and some unprotected header parameters:
1
$jwe = $jweBuilder
2
->create()
3
->withPayload('...')
4
->withSharedProtectedHeader(['enc' => 'A256GCM', 'alg' => 'A256KW'])
5
->withSharedHeader(['author' => 'John Doe'])
6
->addRecipient($recipient_public_key_1, ['message' => 'Hello World!'])
7
->addRecipient($recipient_public_key_2, ['description' => 'Nice song for you'])
8
->build();
Copied!
The variable $jwe will be a valid JWE object built for two recipients. The unprotected header parameter author is applicable to the whole token while message and description are available only for the first and second recipient respectively.
Note: when an unprotected header is set, the Compact Serialization mode is not available.
Advanced Topics - Previous
Encrypted tokens and
Next
Multiple Recipients
Last modified 3yr ago
Copy link