Skip to main content

8. Implementation Requirements

This section defines the features that an implementation conforming to this specification MUST implement.

A conforming JWT implementation MUST understand and support all REQUIRED functionality as defined in the JWS [JWS] and JWE [JWE] specifications, as well as the following JWT-specific requirements defined in this specification:

  • Implementations MUST support processing JWTs containing Registered Claim Names.

  • Implementations MUST correctly handle the "typ" and "cty" header parameters as described in Section 5.

  • When validating JWTs, implementations MUST correctly handle NumericDate values as described in Sections 4.1.4, 4.1.5, and 4.1.6.

  • Implementations SHOULD support validating JWT Claims as described in Section 7.2.

Note: Implementations MAY choose to support only JWS or only JWE, but MUST support at least one of them.

Last updated on