JWS

JWT's underlying signature format

JWS (JSON Web Signature, RFC 7515) is the cryptographic signature framework that JWT is built on top of. A JWS has three parts joined by dots: header.payload.signature, each segment base64url-encoded. The header is JSON declaring the algorithm; the payload can be any bytes (typically but not necessarily JSON); the signature is computed over the dot-joined header and payload using the declared algorithm.

The JWT relationship: every JWT is a JWS whose payload is required to be a JSON object of claims. But JWS itself is more general — the payload can be raw binary, an XML document, or any other byte string. When you see a three-part dot-separated token that doesn’t base64-decode to JSON in the middle segment, it’s a JWS, not a JWT.

Common algorithms: HS256 (HMAC-SHA256, symmetric key), RS256 (RSA-SHA256, asymmetric), ES256 (ECDSA-P256-SHA256, asymmetric). The dangerous “none” algorithm means “no signature” — legal per the spec but always to be rejected server-side. Production verifiers should also explicitly check that the algorithm declared in the header matches the algorithm expected for the key.
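As an added example (not code from this glossary page), the following stdlib-only Python builds and verifies the compact serialisation described above: three base64url segments, a payload that need not be JSON, and a verifier that pins the header's alg to the key it holds, so both "none" and a mismatched algorithm are refused before the signature bytes are examined. The shared secret, sample payloads and function names are constructed for illustration; only HS256 is implemented.

```python
"""Minimal compact-serialisation JWS sign/verify, HS256 only (added example)."""
import base64
import hashlib
import hmac
import json


def b64url_encode(data: bytes) -> str:
    """base64url with the '=' padding stripped, as RFC 7515 requires."""
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    """Inverse of b64url_encode: restore padding, then decode."""
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def jws_sign_hs256(payload: bytes, key: bytes) -> str:
    """Return header.payload.signature for an arbitrary byte payload."""
    header = json.dumps({"alg": "HS256"}, separators=(",", ":")).encode("ascii")
    signing_input = b64url_encode(header) + "." + b64url_encode(payload)
    tag = hmac.new(key, signing_input.encode("ascii"), hashlib.sha256).digest()
    return signing_input + "." + b64url_encode(tag)


def jws_verify(token: str, key: bytes, expected_alg: str = "HS256") -> bytes:
    """Verify a compact JWS and return the raw payload bytes.

    expected_alg is the algorithm the caller's key is for. The header's alg
    must equal it, so "none" and any other declared algorithm are rejected
    without consulting the signature segment at all.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("not a compact-serialised JWS (need exactly 3 segments)")
    header_b64, payload_b64, sig_b64 = parts
    header = json.loads(b64url_decode(header_b64))
    if expected_alg != "HS256":
        raise ValueError(f"this verifier only implements HS256, not {expected_alg!r}")
    alg = header.get("alg")
    if alg != expected_alg:
        raise ValueError(f"header alg {alg!r} does not match key algorithm {expected_alg!r}")
    signing_input = (header_b64 + "." + payload_b64).encode("ascii")
    expected_tag = hmac.new(key, signing_input, hashlib.sha256).digest()
    # Constant-time comparison of the recomputed MAC against the token's tag.
    if not hmac.compare_digest(expected_tag, b64url_decode(sig_b64)):
        raise ValueError("signature mismatch")
    return b64url_decode(payload_b64)


def classify(token: str) -> str:
    """'JWT' if the middle segment decodes to a JSON object, otherwise 'JWS'."""
    try:
        middle = json.loads(b64url_decode(token.split(".")[1]))
    except (ValueError, IndexError):  # bad base64, non-UTF-8, or not JSON
        return "JWS"
    return "JWT" if isinstance(middle, dict) else "JWS"


def unsigned_none_token(payload: bytes) -> str:
    """The spec-legal alg:none form (empty third segment), built only so the
    verifier's refusal of it can be exercised in a test."""
    header = json.dumps({"alg": "none"}, separators=(",", ":")).encode("ascii")
    return b64url_encode(header) + "." + b64url_encode(payload) + "."


if __name__ == "__main__":
    secret = b"constructed-shared-secret"  # illustrative key, not a real one
    jwt_like = jws_sign_hs256(b'{"sub":"alice"}', secret)
    png_like = jws_sign_hs256(b"\x89PNG\r\n\x1a\n", secret)  # raw binary payload
    print(jwt_like, classify(jwt_like))
    print(png_like, classify(png_like))
    print(jws_verify(jwt_like, secret))
    try:
        jws_verify(unsigned_none_token(b'{"sub":"alice"}'), secret)
    except ValueError as exc:
        print("rejected:", exc)
```

The verifier takes the expected algorithm from the caller, not from the token, which is the check the paragraph above asks for: the header's alg is compared against what the key is for, and only then is the MAC recomputed and compared in constant time.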

JWS has two serialisations: compact (the dot-separated format JWT uses) and JSON (a JSON envelope wrapping the same three parts, supporting multiple signatures). The compact form is what almost every API uses; the JSON form is rare outside specific protocols.

Published May 16, 2026