Skip to content


Folders and files

Last commit message
Last commit date

Latest commit


Repository files navigation

Frank JWT Build Status

Implementation of JSON Web Tokens in Rust.

Algorithms and features supported

  • HS256
  • HS384
  • HS512
  • RS256
  • RS384
  • RS512
  • ES256
  • ES384
  • ES512
  • Sign
  • Verify
  • iss (issuer) check
  • sub (subject) check
  • aud (audience) check
  • exp (expiration time) check
  • nbf (not before time) check
  • iat (issued at) check
  • jti (JWT id) check


Put this into your Cargo.toml:

frank_jwt = "<current version of frank_jwt>"

And this in your crate root:

extern crate frank_jwt;
#[macro_use] extern crate serde_json;

use frank_jwt::{Algorithm, encode, decode};


let mut payload = json!({
    "key1": "val1",
    "key2": "val2"

let mut header = json!({});
let secret = "secret123";
let jwt = encode(&header, secret.to_string(), &payload, Algorithm::HS256);

use std::env;

let mut payload = json!({
    "key1": "val1",
    "key2": "val2"

let mut header = json!({});
let mut keypath = env::current_dir().unwrap();
let jwt = encode(&header, &keypath.to_path_buf(), &payload, Algorithm::RS256);
let (header, payload) = decode(&jwt, &keypath.to_path_buf(), Algorithm::RS256, &ValidationOptions::default());

Validation Options

The ValidationOptions structure allows for control over which checks should be preformed when decoding a JWT. Calling new on this will provide a default set of values. There is also a dangerous function that will return validation options that doesn't perform any checking.

The default values are:

  • Perform expiry check
  • Allow 0 leeway for the expiry check.

It's worth noting that if the expiry check is requested and an exp claim is not within the JWT the check will fail validation.


Apache 2.0


cargo test