Skip to main content

JSON Web Token implementation in Python

Project description

A Python implementation of [JSON Web Token draft 01](

This is Mozilla’s fork of [PyJWT]( which adds RSA algorithms, fixes some timing attacks, and makes a few other adjustments. It is used in projects such as [webpay](


Install the module with [pip]( or something similar:

pip install PyJWT-mozilla

This install step will also install/compile [M2Crypto]( so you will need swig for this. You can get it with a package manager like:

brew install swig

Alternatively you can probably find a binary package for M2Crypto with something like this:

sudo apt-get install python-m2crypto


import jwt jwt.encode({“some”: “payload”}, “secret”)

Note the resulting JWT will not be encrypted, but verifiable with a secret key.

jwt.decode(“someJWTstring”, “secret”)

If the secret is wrong, it will raise a jwt.DecodeError telling you as such. You can still get at the payload by setting the verify argument to false.

jwt.decode(“someJWTstring”, verify=False)


The JWT spec supports several algorithms for cryptographic signing. This library currently supports:

  • HS256 - HMAC using SHA-256 hash algorithm (default)
  • HS384 - HMAC using SHA-384 hash algorithm
  • HS512 - HMAC using SHA-512 hash algorithm
  • RS256 - RSA using SHA-256 hash algorithm
  • RS384 - RSA using SHA-384 hash algorithm
  • RS512 - RSA using SHA-584 hash algorithm

Change the algorithm with by setting it in encode:

jwt.encode({“some”: “payload”}, “secret”, “HS512”)


Install the project in a [virtualenv]( (or wherever) by typing this from the root:

python develop

Run the tests like this:

python tests/



Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for PyJWT-mozilla, version 0.1.5
Filename, size File type Python version Upload date Hashes
Filename, size PyJWT-mozilla-0.1.5.tar.gz (5.4 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page