A JSON Web Token (JWT) is a compact, URL-safe means of representing 'Claims' to be transferred between two parties. The 'Claims' in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the 'Claims' to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted. JWT is defined in IETF RFC 7519 and use of these is described in the 1EdTech Security Framework.
