| Interface | Description |
|---|---|
| Claims |
A JWT Claims set.
|
| ClaimsBuilder | |
| ClaimsMutator<T extends ClaimsMutator<T>> |
Mutation (modifications) to a
Claims instance. |
| ClaimsMutator.AudienceCollection<P> |
A
NestedCollection for setting ClaimsMutator.audience() values that also allows overriding the collection
to be a single string value for legacy JWT recipients if necessary. |
| Clock |
A clock represents a time source that can be used when creating and verifying JWTs.
|
| CompressionCodec | Deprecated
since 0.12.0 in favor of
CompressionAlgorithm to equal the RFC name for this concept. |
| CompressionCodecResolver | Deprecated
in favor of
JwtParserBuilder.zip() |
| Header |
A JWT JOSE header.
|
| HeaderMutator<T extends HeaderMutator<T>> |
Mutation (modifications) to a
Header instance. |
| Identifiable |
An object that may be uniquely identified by an
id relative to other instances of the same type. |
| Jwe<B> |
An encrypted JWT, called a "JWE", per the
JWE (RFC 7516) Specification.
|
| JweHeader |
A JWE header.
|
| JweHeaderMutator<T extends JweHeaderMutator<T>> |
Mutation (modifications) to a
JweHeader instance. |
| Jws<P> |
An expanded (not compact/serialized) Signed JSON Web Token.
|
| JwsHeader |
A JWS header.
|
| Jwt<H extends Header,P> |
An expanded (not compact/serialized) JSON Web Token.
|
| JwtBuilder |
A builder for constructing Unprotected JWTs, Signed JWTs (aka 'JWS's) and Encrypted JWTs (aka 'JWE's).
|
| JwtBuilder.BuilderClaims |
Claims for use with a
JwtBuilder that supports method chaining for standard JWT Claims parameters. |
| JwtBuilder.BuilderHeader |
Header for use with a
JwtBuilder that supports method chaining for
standard JWT, JWS and JWE header parameters. |
| JwtHandler<T> | Deprecated
since 0.12.0 in favor of calling
Jwt.accept(JwtVisitor). |
| JwtParser |
A parser for reading JWT strings, used to convert them into a
Jwt object representing the expanded JWT. |
| JwtParserBuilder |
A builder to construct a
JwtParser. |
| Jwts.HeaderBuilder | |
| JwtVisitor<T> |
A JwtVisitor supports the Visitor design pattern for
Jwt instances. |
| Locator<T> | |
| ProtectedHeader |
A JWT header that is integrity protected, either by JWS digital signature or JWE AEAD encryption.
|
| ProtectedHeaderMutator<T extends ProtectedHeaderMutator<T>> |
Mutation (modifications) to a
Header instance. |
| ProtectedJwt<H extends ProtectedHeader,P> |
A
ProtectedJwt is a Jwt that is integrity protected via a cryptographic algorithm that produces
a cryptographic digest, such as a MAC, Digital Signature or Authentication Tag. |
| SigningKeyResolver | Deprecated
since 0.12.0.
|
| Class | Description |
|---|---|
| CompressionCodecs | Deprecated
in favor of
Jwts.ZIP. |
| JwtHandlerAdapter<T> |
An Adapter implementation of the
JwtHandler interface that allows for anonymous subclasses to process only the JWT results that are
known/expected for a particular use case. |
| Jwts |
Factory class useful for creating instances of JWT interfaces.
|
| Jwts.ENC |
Constants for all standard JWA
Cryptographic Algorithms for Content
Encryption defined in the JSON
Web Signature and Encryption Algorithms Registry.
|
| Jwts.KEY |
Constants for all standard JWA (RFC 7518)
Cryptographic Algorithms for Key Management.
|
| Jwts.SIG |
Constants for all JWA (RFC 7518) standard
Cryptographic Algorithms for Digital Signatures and MACs defined in the
JSON Web Signature and Encryption Algorithms
Registry.
|
| Jwts.ZIP |
Constants for JWA (RFC 7518) compression algorithms referenced in the
zip header defined in the
JSON Web Encryption Compression Algorithms
Registry. |
| LocatorAdapter<T> |
Adapter pattern implementation for the
Locator interface. |
| SigningKeyResolverAdapter | Deprecated
since 0.12.0.
|
| SupportedJwtVisitor<T> |
A
JwtVisitor that guarantees only supported JWT instances are handled, rejecting
all other (unsupported) JWTs with UnsupportedJwtExceptions. |
| Enum | Description |
|---|---|
| SignatureAlgorithm | Deprecated
since 0.12.0; use
Jwts.SIG instead. |
| Exception | Description |
|---|---|
| ClaimJwtException |
ClaimJwtException is a subclass of the
JwtException that is thrown after a validation of an JWT claim failed. |
| CompressionException |
Exception indicating that either compressing or decompressing a JWT body failed.
|
| ExpiredJwtException |
Exception indicating that a JWT was accepted after it expired and must be rejected.
|
| IncorrectClaimException |
Exception thrown when discovering that a required claim does not equal the required value, indicating the JWT is
invalid and may not be used.
|
| InvalidClaimException |
Exception indicating a parsed claim is invalid in some way.
|
| JwtException |
Base class for JWT-related runtime exceptions.
|
| MalformedJwtException |
Exception indicating that a JWT was not correctly constructed and should be rejected.
|
| MissingClaimException |
Exception thrown when discovering that a required claim is not present, indicating the JWT is
invalid and may not be used.
|
| PrematureJwtException |
Exception indicating that a JWT was accepted before it is allowed to be accessed and must be rejected.
|
| RequiredTypeException |
Exception thrown when attempting to obtain a value from a JWT or JWK and the existing value does not match the
expected type.
|
| SignatureException | Deprecated
in favor of
SignatureException; this class will be removed before 1.0 |
| UnsupportedJwtException |
Exception thrown when receiving a JWT in a particular format/configuration that does not match the format expected
by the application.
|
Copyright © 2014–2025 jsonwebtoken.io. All rights reserved.