The CompactEncrypt class is used to build and encrypt Compact JWE strings.

The CompactSign class is used to build and sign Compact JWS strings.

The EncryptJWT class is used to build and encrypt Compact JWE formatted JSON Web Tokens.

An error subclass thrown when a JOSE Algorithm is not allowed per developer preference.

A generic Error that all other JOSE specific Error subclasses extend.

An error subclass thrown when a particular feature or algorithm is not supported by this implementation or JOSE in general.

An error subclass thrown when a JWE ciphertext decryption fails.

An error subclass thrown when a JWE is invalid.

An error subclass thrown when a JWK is invalid.

An error subclass thrown when a JWKS is invalid.

An error subclass thrown when multiple keys match from a JWKS.

An error subclass thrown when no keys match from a JWKS.

Timeout was reached when retrieving the JWKS response.

An error subclass thrown when a JWS is invalid.

An error subclass thrown when JWS signature verification fails.

An error subclass thrown when a JWT Claim Set member validation fails.

An error subclass thrown when a JWT is expired.

An error subclass thrown when a JWT is invalid.

The FlattenedEncrypt class is used to build and encrypt Flattened JWE objects.

The FlattenedSign class is used to build and sign Flattened JWS objects.

The GeneralEncrypt class is used to build and encrypt General JWE objects.

The GeneralSign class is used to build and sign General JWS objects.

Generic class for JWT producing.

The SignJWT class is used to build and sign Compact JWS formatted JSON Web Tokens.

The UnsecuredJWT class is a utility for dealing with { "alg": "none" } Unsecured JWTs.

Calculates a base64url-encoded JSON Web Key (JWK) Thumbprint

Calculates a JSON Web Key (JWK) Thumbprint URI

Decrypts a Compact JWE.

Verifies the signature and format of and afterwards decodes the Compact JWS.

Returns a function that resolves to a key object from a locally stored, or otherwise available, JSON Web Key Set.

Returns a function that resolves to a key object downloaded from a remote endpoint returning a JSON Web Key Set, that is, for example, an OAuth 2.0 or OIDC jwks_uri. The JSON Web Key Set is fetched when no key matches the selection process but only as frequently as the cooldownDuration option allows to prevent abuse.

Decodes a signed JSON Web Token payload. This does not validate the JWT Claims Set types or values. This does not validate the JWS Signature. For a proper Signed JWT Claims Set validation and JWS signature verification use jose.jwtVerify(). For an encrypted JWT Claims Set validation and JWE decryption use jose.jwtDecrypt().

Decodes the Protected Header of a JWE/JWS/JWT token utilizing any JOSE serialization.

EmbeddedJWK is an implementation of a GetKeyFunction intended to be used with the JWS/JWT verify operations whenever you need to opt-in to verify signatures with a public key embedded in the token's "jwk" (JSON Web Key) Header Parameter. It is recommended to combine this with the verify function's algorithms option to define accepted JWS "alg" (Algorithm) Header Parameter values.

Exports a runtime-specific key representation (KeyLike) to a JWK.

Exports a runtime-specific private key representation (KeyObject or CryptoKey) to a PEM-encoded PKCS8 string format.

Exports a runtime-specific public key representation (KeyObject or CryptoKey) to a PEM-encoded SPKI string format.

Decrypts a Flattened JWE.

Verifies the signature and format of and afterwards decodes the Flattened JWS.

Decrypts a General JWE.

Verifies the signature and format of and afterwards decodes the General JWS.

Generates a private and a public key for a given JWA algorithm identifier. This can only generate asymmetric key pairs. For symmetric secrets use the generateSecret function.

Generates a symmetric secret key for a given JWA algorithm identifier.

Imports a JWK to a runtime-specific key representation (KeyLike). Either JWK "alg" (Algorithm) Parameter must be present or the optional "alg" argument. When running on a runtime using Web Cryptography API the jwk parameters "use", "key_ops", and "ext" are also used in the resulting CryptoKey.

Imports a PEM-encoded PKCS#8 string as a runtime-specific private key representation (KeyObject or CryptoKey).

Imports a PEM-encoded SPKI string as a runtime-specific public key representation (KeyObject or CryptoKey).

Imports the SPKI from an X.509 string certificate as a runtime-specific public key representation (KeyObject or CryptoKey).

Verifies the JWT format (to be a JWE Compact format), decrypts the ciphertext, validates the JWT Claims Set.

Verifies the JWT format (to be a JWS Compact format), verifies the JWS signature, validates the JWT Claims Set.

Interface for Compact JWE Decryption dynamic key resolution. No token components have been verified at the time of this function call.

Recognized Compact JWE Header Parameters, any other Header Members may also be present.

Recognized Compact JWS Header Parameters, any other Header Members may also be present.

Interface for Compact JWS Verification dynamic key resolution. No token components have been verified at the time of this function call.

Shared Interface with a "crit" property for all sign, verify, encrypt and decrypt operations.

JWE Decryption options.

Deflate Raw implementation, e.g. promisified zlib.deflateRaw.

JWE Deflate option.

JWE Encryption options.

Interface for Flattened JWE Decryption dynamic key resolution. No token components have been verified at the time of this function call.

Flattened JWE definition.

Flattened JWS definition. Payload is returned as an empty string when JWS Unencoded Payload (RFC7797) is used.

Flattened JWS definition for verify function inputs, allows payload as Uint8Array for detached signature validation.

Interface for Flattened JWS Verification dynamic key resolution. No token components have been verified at the time of this function call.

Interface for General JWE Decryption dynamic key resolution. No token components have been verified at the time of this function call.

General JWS definition. Payload is returned as an empty string when JWS Unencoded Payload (RFC7797) is used.

General JWS definition for verify function inputs, allows payload as Uint8Array for detached signature validation.

Interface for General JWS Verification dynamic key resolution. No token components have been verified at the time of this function call.

Inflate Raw implementation, e.g. promisified zlib.inflateRaw.

JSON Web Key Set

Recognized JWE Header Parameters, any other Header members may also be present.

Recognized JWE Key Management-related Header Parameters.

JSON Web Key (JWK). "RSA", "EC", "OKP", and "oct" key types are supported.

Recognized JWS Header Parameters, any other Header Members may also be present.

JWT Claims Set verification options.

Interface for JWT Decryption dynamic key resolution. No token components have been verified at the time of this function call.

Combination of JWE Decryption options and JWT Claims Set verification options.

Recognized Signed JWT Header Parameters, any other Header Members may also be present.

Recognized JWT Claims Set members, any other members may also be present.

Interface for JWT Verification dynamic key resolution. No token components have been verified at the time of this function call.

Combination of JWS Verification options and JWT Claims Set verification options.

Options for the remote JSON Web Key Set.

JWS Signing options.

JWS Verification options.

KeyLike are runtime-specific classes representing asymmetric keys or symmetric secrets. These are instances of CryptoKey and additionally KeyObject in Node.js runtime. Uint8Array instances are also accepted as symmetric secret representation only.