JWT Framework
Search…
v3.0
Introduction
Introduction
Provided Features
Pre-requisite
Continous Integration
Contributing
The Components
Algorithm Management (JWA)
Key (JWK) and Key Set (JWKSet)
Header Checker
Claim Checker
Signed Tokens (JWS)
Encrypted Tokens (JWE)
The Symfony Bundle
Symfony Bundle
Algorithm Management
Key and Key Set Management
Header and Claim Checker Management
Signed Tokens
Encrypted Tokens
Configuration Helper
Events
Console Command
Console
Standalone Application
PHAR Application
Symfony Console
Advanced Topics
Security Recommendations
Nested Tokens
Serialization
Custom Algorithm
Signed tokens and
Encrypted tokens and
Benchmark
How To
Result table
Migration
From v1.x to v2.0
From v2.x to v3.0
Powered By GitBook
Provided Features

Supported Input Types:

JWS or JWE objects support every input that can be encoded into JSON:
  • string, array, integer, float...
  • Objects that implement the \JsonSerializable interface such as JWK or JWKSet
The detached payload is supported.

Supported Serialization Modes

Serialization syntax
JWS
JWE
Compact
YES
YES
Flattened JSON
YES
YES
General JSON
YES
YES
​

Supported Compression Methods

Compression mode
Supported
Deflate (DEF)
YES
The library is able to support any other compression methods just by declaring new classes.

Supported Key Types (JWK)

Key Type
Supported
Comment
oct
YES
Symmetric keys
RSA
YES
RSA based asymmetric keys
EC
YES
Elliptic Curves based asymmetric keys
OKP
YES
Octet Key Pair based asymmetric keys
JWK objects support JSON Web Key Thumbprint (RFC 7638).
A none key type for the none algorithm. It is used to explicitly allow this unsecured algorithm.

Key Sets (JWKSet)

JWKSet is fully supported.

Supported Signature Algorithms

Signature Algorithm
Supported
Comment
HS256
HS384
HS512
YES
​
ES256
ES384
ES512
YES
​
RS256
RS384
RS512
YES
​
PS256
PS384
PS512
YES
GMP or BCMath extension is highly recommended
none
YES
Please note that this is not a secured algorithm. USE IT WITH CAUTION!
EdDSA with Ed25519 curve
YES
​
EdDSA with Ed448 curve
NO
No extension or built-in implementation available
Other signature algorithms like RS1, HS1 or HS256/64 are also available. These algorithms should be used for testing purpose only or for compatibility with old systems

Supported Key Encryption Algorithms

Key Encryption Algorithm
Supported
dir
YES
RSA1_5
RSA-OAEP
RSA-OAEP-256
YES
ECDH-ES
ECDH-ES+A128KW
ECDH-ES+A192KW
ECDH-ES+A256KW
YES
A128KW
A192KW
A256KW
YES
PBES2-HS256+A128KW
PBES2-HS384+A192KW
PBES2-HS512+A256KW
YES
A128GCMKW
A192GCMKW
A256GCMKW
YES
ECDH-ES with X25519 curve
YES
ECDH-ES with X448 curve
NO
Other encryption algorithms like RSA-OEAP-384 or ChaCha20-Poly1305 are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
For RSA-based encryption algorithms, it is highly recommended to install GMP or BCMath extension.
The algorithms RSA1_5 and RSA-OAEP are now deprecated. Please use with caution.

Supported Content Encryption Algorithms

Content Encryption Algorithm
Supported
A128CBC+HS256
A192CBC+HS384
A256CBC+HS512
YES
A128GCM
A192GCM
A256GCM
YES
Other encryption algorithms like A128CTR, A192CTR and A256CTR are also available. These algorithms should be used for testing purpose only or for compatibility with old systems
Previous
Introduction
Next - Introduction
Pre-requisite
Last modified 3mo ago
Export as PDF
Copy link
Outline
Supported Input Types:
Supported Serialization Modes
Supported Compression Methods
Supported Key Types (JWK)
Key Sets (JWKSet)
Supported Signature Algorithms
Supported Key Encryption Algorithms
Supported Content Encryption Algorithms