JSON Object Signing and Encryption Library

Version on this page:0.7.8
LTS Haskell 12.22:0.7.8
Stackage Nightly 2018-12-15:0.8.0
Latest on Hackage:0.8.0

See all snapshots jose-jwt appears in

BSD3 licensed and maintained by Luke Taylor

Module documentation for 0.7.8

An implementation of the JOSE suite of IETF standards and the closely related JWT (JSON web token) spec (

Both signed and encrypted JWTs are supported, as well as simple JWK keys.



  • The result of the Jose.Jwt.decodeClaims function is now polymorphic so it can be used with any FromJSON type.
  • Only ghc 8 upwards are now supported.
  • the RSA-OAEP-256 algorithm is now supported.


  • Switch from EitherT to ExceptT to allow compiling with latest version of ‘either’ package.


  • User ByteArray and ScrubbedBytes from memory package in preference to ByteString in internal crypto code.


  • Fixed exception when JWT contained invalid Base64 (issue #15).
  • Add generateSymmetricKey utility function to Jwk module.


  • A JWT parser is now used to separate parsing and decoding into separate stages (internal change).


  • Stricter checking of AES key lengths when looking for a valid JWK to encode/decode an AES-KW JWT.


  • Add JSON test data to extra-source-files.


  • Remove test dependency on aeson-qq


  • Update cryptonite version to 0.19 to avoid security issues
  • Fix broken benchmark code
  • Better error message for invalid key length when using AES keywrap


  • Add support for AES key wrap in JWEs.
  • Support A192GCM and A192CBC-HS384 algorithms.
  • Switch to cryptonite library.


  • Remove dependency on errors package.


  • Minor internal changes to fix build on GHC 7.10.


  • Change KeyId type to allow use of a UTCTime string for the identifier.
  • Internal crypto fixes to prevent exceptions from external libraries.


  • Add JwtEncoding type. Changes API of Jwt.encode and Jwt.decode.


  • Fix in the code for finding suitable JWKs for encoding/decoding.

  • Added doctest flag to cabal file to allow doctests to be disabled.


  • Add cprng-aes dependency to doctests to stop test failure on travis and nixos hydra builds.


  • Changed use of Jwt type to represent an encoded JWT.
  • Introduced Payload type to allow setting the cty header value correctly for nested JWTs.
  • Added an explicit Unsecured type for a decoded JWT, to make it obvious when the content is not signed or encrypted.
  • Fixed some bugs in JSON encoding and decoding of EC JWKs.


Changed the signature of Jwt.encode to take a list of Jwk rather than a single key. The key will be selected from the list based on the specified algorithms.


  • New support for JWS validation using elliptic curve algorithms.
  • Added Jwt.encode function which takes a JWK argument, allowing key data (currently the key ID) to be encoded in the token header.
comments powered byDisqus