Overview#

JSON Web Encryption (JWE) is a means of representing encrypted content using JavaScript Object Notation (JSON) data structures.

Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification.

Related Digital Signature and MAC capabilities are described in the separate JSON Web Signature (JWS) specification.

JSON Web Encryption is defined in RFC 7516

JSON Web Encryption is used for encryption of JSON Web Tokens

Header Values#

enc (encryption algorithm)#

The enc (encryption algorithm) Header Parameter identifies the content encryption algorithm used to perform authenticated encryption on the Plaintext to produce the Ciphertext and the Authentication Tag. This algorithm MUST be an AEAD algorithm with a specified key length. The encrypted content is not usable if the enc value does not represent a supported algorithm. enc values should either be registered in the IANA JSON Web Signature and Encryption Algorithms registry defined in JWA or be a value that contains a Collision-Resistant Name. The enc !! More Information There might be more information for this subject on one of the following:

• Client Secret
• Enc
• Identity Token
• JOSE-Cookbook
• JSON Identity Suite
• JSON Web Algorithms
• JSON Web Signature
• JSON Web Signature and Encryption Header Parameters Registry
• JSON Web Token Best Current Practices
• JSON Web Tokens
• JWE
• JWK Set
• JWT Data Exchange
• Javascript Object Signing and Encryption
• Jwks_uri
• Nested JWT
• OAuth 2.0 Message Authentication Code (MAC) Tokens
• Openid-configuration
• RFC 7516
• Security Event Token
• Userinfo_encryption_alg_values_supported
• Userinfo_encryption_enc_values_supported
• Why OAuth 2.0