# auth0/java-jwt **Attribution required: if you use, quote, or summarise this content, you must credit and link back to [awesome-repositories.com](https://awesome-repositories.com/repository/auth0-java-jwt).** 6,227 stars · 948 forks · Java · MIT ## Links - GitHub: https://github.com/auth0/java-jwt - awesome-repositories: https://awesome-repositories.com/repository/auth0-java-jwt.md ## Topics `dx-sdk` `java` `jwt` ## Description This is a Java library for creating and verifying JSON Web Tokens (JWTs), supporting multiple cryptographic signing algorithms including HMAC, RSA, and ECDSA. The library provides a builder pattern for constructing tokens with custom claims and algorithm selection, and offers separate verification methods that check signatures and validate standard claims such as expiration, issuer, and audience. The library abstracts cryptographic algorithms behind a common interface, allowing pluggable signing and verification without coupling token creation to a specific algorithm. Tokens are represented as immutable objects after creation, ensuring thread-safe access and consistency in concurrent environments. Verification failures raise typed exceptions for issues like invalid signatures or expired claims, providing clear error handling. The library covers the full lifecycle of JWT processing, from signing tokens with custom claims to parsing and verifying tokens against expected values. It supports token-based authentication workflows by enabling stateless session management through signed JSON tokens. ## Tags ### Security & Cryptography - [Java JWT Libraries](https://awesome-repositories.com/f/security-cryptography/java-jwt-libraries.md) — An implementation for creating and verifying JSON Web Tokens with support for multiple signing algorithms. - [JSON Web Tokens](https://awesome-repositories.com/f/security-cryptography/json-web-tokens.md) — Building and processing JWTs in Java applications for authentication and information exchange. - [Signed JWT Generation](https://awesome-repositories.com/f/security-cryptography/asymmetric-signing/signed-jwt-generation.md) — Sign a JSON Web Token by attaching custom claims and applying a chosen cryptographic algorithm. ([source](https://cdn.jsdelivr.net/gh/auth0/java-jwt@master/README.md)) - [Configurable Signing Algorithms](https://awesome-repositories.com/f/security-cryptography/code-signing/signing-key-rotation/configurable-signing-algorithms.md) — Signs tokens by applying a chosen cryptographic algorithm to a JSON payload and secret key. - [JWT Claim Validation](https://awesome-repositories.com/f/security-cryptography/jwt-claim-validation.md) — Validating JWT claims such as expiration, issuer, and audience to enforce token integrity and access control. - [Claim Validators](https://awesome-repositories.com/f/security-cryptography/jwt-claim-validation/expiration-claim-validators/claim-validators.md) — Verifies tokens by checking the signature and validating required claims against expected values. - [JWT Cryptographic Algorithms](https://awesome-repositories.com/f/security-cryptography/jwt-cryptographic-algorithms.md) — Working with multiple cryptographic algorithms (HMAC, RSA, ECDSA) through a unified interface for token signing and verification. - [Token Signing Services](https://awesome-repositories.com/f/security-cryptography/oidc-identity-token-issuance/token-signing-services.md) — Signs JWTs with custom claims using HMAC, RSA, or ECDSA cryptographic algorithms. - [JWT Token Validators](https://awesome-repositories.com/f/security-cryptography/security/policies/token-validation/bearer-token-validators/jwt-token-validators.md) — Check a token's signature and confirm required claims are present, rejecting invalid tokens with an error. ([source](https://cdn.jsdelivr.net/gh/auth0/java-jwt@master/README.md)) - [Token Authentication](https://awesome-repositories.com/f/security-cryptography/token-authentication.md) — A library for building authentication systems that use signed JSON tokens for stateless session management. - [Token Signature Verification](https://awesome-repositories.com/f/security-cryptography/token-authentication/token-signature-verification.md) — Validates JWT signatures and checks required claims, raising exceptions on invalid tokens. - [JWT Signing and Verification](https://awesome-repositories.com/f/security-cryptography/token-authentication/token-signature-verification/jwt-signing-and-verification.md) — Creating signed JSON Web Tokens with custom claims and cryptographic algorithms for secure data transmission. - [Token-Based Authentication](https://awesome-repositories.com/f/security-cryptography/token-based-authentication.md) — Building stateless authentication systems that use signed JWTs for session management and identity verification. ### Part of an Awesome List - [Builder Pattern Constructors](https://awesome-repositories.com/f/awesome-lists/security/identity-and-authentication/jwt-tokens/builder-pattern-constructors.md) — Constructs tokens by chaining claims and algorithm selection before finalizing the signed JWT. ### Programming Languages & Runtimes - [Immutable Token Models](https://awesome-repositories.com/f/programming-languages-runtimes/language-features-paradigms/language-features/language-extensions/union-types/type-safe-variants/type-safe-data-structures/immutable-type-modeling/immutable-token-models.md) — Represents tokens as immutable objects after creation, ensuring thread-safe access and consistency. ### Software Engineering & Architecture - [Cryptographic Algorithm](https://awesome-repositories.com/f/software-engineering-architecture/abstraction-layers/cryptographic-algorithm.md) — Abstracts cryptographic algorithms behind a common interface, allowing pluggable signing and verification. - [Builder Patterns](https://awesome-repositories.com/f/software-engineering-architecture/creational-design-patterns/builder-patterns.md) — Constructs tokens using a builder pattern that chains claims and algorithm selection before finalizing.