
Glossary

Header (JWT/JWS)

The first segment of a JWT

The header of a JWT (or, more generally, of any JWS) is the first dot-separated segment: a base64url-encoded JSON object, without padding, that states how the signature or MAC over the rest of the token was produced and therefore how a verifier should check it. Decode it and you get a small JSON object, typically two to five fields.

Standard header fields (the registered header parameters of RFC 7515 §4.1):

  • alg — algorithm. Required. Names the JWS algorithm (RFC 7518), e.g., HS256, RS256, ES256, or none (an unsecured JWS with an empty signature).
  • typ — type. Conventionally "JWT" when the payload is a JWT claims set. A hint for applications, not a security control.
  • kid — key ID. Lets the receiver pick the right key from its key set (e.g., a JWKS) when the issuer rotates keys. Treat it as an opaque lookup key into keys you already trust, never as a file path, URL fragment or query parameter.
  • jwk / jku — an embedded JSON Web Key, or a URL from which to fetch one. Less common, and security-sensitive: a verifier that takes its verification key from the token it is verifying (embedded, or fetched from an attacker-chosen URL) lets the attacker sign with a key of their own choosing. Only honour jku for an allow-listed issuer URL, and never use an embedded jwk as the sole basis for trusting a token.
  • cty — content type. Used when the payload is itself a JOSE structure rather than a claims set, as in a nested JWT (e.g., a signed JWT wrapped in a JWE), where it is set to "JWT".

Worked example. A header decoding to:

{ "alg": "RS256", "typ": "JWT", "kid": "2024-q1-key" }

declares that the token is signed with RS256 (RSASSA-PKCS1-v1_5 with SHA-256), is a JWT (so the payload is a claims set), and was signed with the key identified by 2024-q1-key in the issuer’s key set. A verifier looks that kid up among the keys it already trusts and uses that key, and only that key, to check the signature.

Critical security note: never let the alg field choose the verification code path. Until the signature has been verified, the header is attacker-controlled input, so a verifier that reads alg and dispatches on it has handed the attacker the choice of algorithm. Two classic forgeries follow. With alg: none, a permissive library accepts an empty signature. With algorithm confusion, the attacker labels the token HS256 and computes the HMAC with the server’s RSA public key (public by design) as the secret; a verifier that passes its configured key into whichever algorithm alg names computes the same HMAC and accepts the forgery. The fix is to pin the accepted algorithm(s) in the verifier’s configuration, bind each key to exactly one algorithm, and reject any token whose header does not match before running any cryptography.
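The two verifiers below, added here as an illustration and not code from the original page, show the failure and the fix side by side in Python using only the standard library. All key material, secrets and claims are constructed placeholders: the PEM is not a real RSA key, which does not matter because the attack needs only that the verifier feed the same bytes the attacker can read into HMAC. The naive verifier dispatches on the token’s own alg; the hardened one takes the algorithm from the key entry it was configured with and rejects a mismatch before any cryptography runs. RSA verification itself is omitted, since neither forgery ever reaches it. decode_header also parses the worked header from the example above.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional

# Constructed sample key material (not real keys). The PEM stands in for the
# verifier's RSA public key; public keys are public by design, so an attacker
# holds these exact bytes too.
PUBLIC_KEY_PEM = (b"-----BEGIN PUBLIC KEY-----\n"
                  b"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA...constructed...\n"
                  b"-----END PUBLIC KEY-----\n")
HMAC_SECRET = b"constructed-hs256-secret-do-not-reuse"

# A key entry binds a key to the one algorithm it may ever be used with.
RS256_KEY = {"alg": "RS256", "key": PUBLIC_KEY_PEM}
HS256_KEY = {"alg": "HS256", "key": HMAC_SECRET}


def b64url_encode(raw: bytes) -> str:
    """base64url with the '=' padding stripped, as JOSE requires."""
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def b64url_decode(segment: str) -> bytes:
    """Restore the stripped padding before decoding."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def decode_header(token: str) -> dict:
    """Parse the first segment. Structural checks only: nothing here is trusted yet."""
    header = json.loads(b64url_decode(token.split(".")[0]))
    if not isinstance(header, dict) or "alg" not in header:
        raise ValueError("JOSE header must be a JSON object carrying 'alg'")
    return header


def hs256(signing_input: bytes, key: bytes) -> bytes:
    return hmac.new(key, signing_input, hashlib.sha256).digest()


def make_token(header: dict, claims: dict, key: Optional[bytes] = None) -> str:
    """Build a compact JWS. The header is emitted verbatim (whatever it claims);
    the only signer this toy knows is HMAC-SHA256, and key=None yields the empty
    signature of an 'alg: none' token."""
    h = b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p = b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = b"" if key is None else hs256(f"{h}.{p}".encode("ascii"), key)
    return f"{h}.{p}.{b64url_encode(sig)}"


def naive_verify(token: str, key_material: bytes) -> dict:
    """VULNERABLE: lets the token's own alg decide how key_material is used."""
    h, p, s = token.split(".")
    alg = decode_header(token)["alg"]
    if alg == "none":                       # unsigned tokens are accepted
        return json.loads(b64url_decode(p))
    if alg == "HS256":                      # the RSA public key becomes the HMAC secret
        if not hmac.compare_digest(hs256(f"{h}.{p}".encode(), key_material),
                                   b64url_decode(s)):
            raise ValueError("bad signature")
        return json.loads(b64url_decode(p))
    # RS256 and friends would call an RSA verify here; omitted (no RSA in the
    # stdlib). Neither forgery below ever reaches this branch, which is the point.
    raise NotImplementedError(f"alg {alg!r} not implemented in this example")


def strict_verify(token: str, key_entry: dict) -> dict:
    """HARDENED: the algorithm comes from the configured key entry; the header
    must match it before any cryptography runs, so 'none' never matches a key."""
    h, p, s = token.split(".")
    alg = decode_header(token)["alg"]
    if alg != key_entry["alg"]:
        raise ValueError(f"alg {alg!r} rejected, key is bound to {key_entry['alg']!r}")
    if alg != "HS256":
        raise NotImplementedError("only HS256 is implemented in this example")
    if not hmac.compare_digest(hs256(f"{h}.{p}".encode(), key_entry["key"]),
                               b64url_decode(s)):
        raise ValueError("bad signature")
    return json.loads(b64url_decode(p))


def forge_alg_confusion(claims: dict) -> str:
    """Attacker: label the token HS256 and MAC it with the public key bytes."""
    return make_token({"alg": "HS256", "typ": "JWT"}, claims, PUBLIC_KEY_PEM)


def forge_alg_none(claims: dict) -> str:
    """Attacker: declare that there is no signature at all."""
    return make_token({"alg": "none", "typ": "JWT"}, claims)


def is_rejected(verify, token: str, key) -> bool:
    """True if the verifier refuses the token with ValueError."""
    try:
        verify(token, key)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    evil = {"sub": "alice", "admin": True}
    for forged in (forge_alg_confusion(evil), forge_alg_none(evil)):
        naive = "ACCEPTED" if not is_rejected(naive_verify, forged, PUBLIC_KEY_PEM) else "rejected"
        strict = "rejected" if is_rejected(strict_verify, forged, RS256_KEY) else "ACCEPTED"
        print(f"alg={decode_header(forged)['alg']:<5} naive: {naive}  strict: {strict}")
```

Running the script prints one line per forgery: the naive verifier accepts both, the strict one rejects both on the alg check alone. The design point is that the key entry, not the token, names the algorithm; a production verifier should do the same with its JWKS entries (the JWK alg member) or an explicit allow-list passed to the library.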


Published May 16, 2026