Abdul Gafoor
Reputation: 974
Which binaries should I go for JWT for java?
I am the novice to JWT token usage, while reading came to know from jwt.io that there are six versions with different types of binaries are available as below.
- com.auth0 / java-jwt / 3.3.0
- org.bitbucket.b_c / jose4j / 0.6.3
- com.nimbusds / nimbus-jose-jwt / 5.7
- io.jsonwebtoken / jjwt / 0.9.0
- com.inversoft / prime-jwt / 1.3.0
- io.vertx / vertx-auth-jwt / 3.5.1
Can anyone please explain to me what is the broad difference between them, except java version support.
Upvotes: 9
Views: 5794
Answers (1)
cassiomolin
Reputation: 131117
A JWT can be cryptographically signed (making it a JWS) or encrypted (making it a JWE):
The image was extracted from this page.
Take your pick based on the features supported by each implementation. As mentioned in the comments, JJWT and Nimbus JOSE + JWT seem to be the most widely used libraries for JWT in Java.
See the documentation for details on usage and supported features of both libraries:
- JJWT documentation on GitHub
- Nimbus JOSE + JWT documentation on BitBucket
Upvotes: 6
Related Questions
- Auth0 JWT with Java
- JWT differences between jose4j and jjwt dependencies in Spring
- The nimbus-jose-jwt and io.jsonwebtoken - which jjwt library to pick and why?
- JJWT dependency confusion
- Securing Java Rest Service : JSON WebToken (JWT ) or oAuth 1.0?
- Securing REST services with JWT in JAVA ee
- Jose4j library compatibility with Java 6
- Decide using com.auth0 or io.jsonwebtoken for JWT in Java
- JWT: jwtk/jjwt with public/private keys
- How to generate a JWT/JWS with JWE