- File formats:
- BEST CURRENT PRACTICE
- RFC 7519
- Y. Sheffer
- oauth (sec)
Cite this BCP: TXT
Discuss this RFC: Send questions or comments to the mailing list [email protected]
JSON Web Tokens, also known as JWTs, are URL-safe JSON-based security tokens that contain a set of claims that can be signed and/or encrypted. JWTs are being widely used and deployed as a simple security token format in numerous protocols and applications, both in the area of digital identity and in other application areas. This Best Current Practices document updates RFC 7519 to provide actionable guidance leading to secure implementation and deployment of JWTs.
For the definition of Status, see RFC 2026.
For the definition of Stream, see RFC 8729.