Skip to main content

JOSE implementation in Python

Project description

A JOSE implementation in Python

Build Status Coverage Status

The JavaScript Object Signing and Encryption (JOSE) technologies - JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), and JSON Web Algorithms (JWA) - collectively can be used to encrypt and/or sign content using a variety of algorithms. While the full set of permutations is extremely large, and might be daunting to some, it is expected that most applications will only use a small set of algorithms to meet their needs.


This is a JOSE implementation that is meant to be simple to use, both on and off of AppEngine.


JSON Web Signature

JSON Web Signatures (JWS) are used to digitally sign a JSON encoded object and represent it as a compact URL-safe string.

Signing tokens

>>> from jose import jws
>>> signed = jws.sign({'a': 'b'}, 'secret', algorithm='HS256')

Verifying token signatures

>>> jws.verify(signed, 'secret', algorithms=['HS256'])
{'a': 'b'}

JSON Web Token

JSON Web Tokens (JWT) are a JWS with a set of reserved claims to be used in a standardized manner.

JWT Reserved Claims

Claim Name Format Usage
‘exp’ Expiration int The time after which the token is invalid.
‘nbf’ Not Before int The time before which the token is invalid.
‘iss’ Issuer str The principal that issued the JWT.
‘aud’ Audience str or list(str) The recipient that the JWT is intended for.
‘iat’ Issued At int The time at which the JWT was issued.


The following algorithms are currently supported.

Algorithm Value Digital Signature or MAC Algorithm
HS256 HMAC using SHA-256 hash algorithm
HS384 HMAC using SHA-384 hash algorithm
HS512 HMAC using SHA-512 hash algorithm
RS256 RSASSA using SHA-256 hash algorithm
RS384 RSASSA using SHA-384 hash algorithm
RS512 RSASSA using SHA-512 hash algorithm


This library is based heavily on the work of the guys over at PyJWT.

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

python-jose-0.2.0.tar.gz (8.9 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page