Skip to content
🔑 Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .NET
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .NET

Build status Build Status NuGet MyGet Dependabot Status Maintenance License contributions welcome


v1.local v1.public v2.local v2.public
✔️ ✔️ ✔️


Building a Paseto

var token = new PasetoBuilder<Version2>()
		.AddClaim("example", "Hello Paseto!")
		.AsPublic() // Purpose
var encoder = new PasetoEncoder(cfg => cfg.Use<Version2>(secret)); // default is public purpose
var token = encoder.Encode(new PasetoPayload
	{ "example", "Hello Paseto!" },
	{ "exp", DateTime.UtcNow.AddHours(24) }

Encoded Token:


Decoding a Paseto

var payload = new PasetoBuilder<Version2>()
		.AsPublic() // Purpose
var decoder = new PasetoDecoder(cfg => cfg.Use<Version2>(publicKey)); // default is public purpose
var payload = decoder.Decode(token);

Decrypted Payload:

  "example": "Hello Paseto!",
  "exp": "2018-04-07T05:04:07.9196375Z"


  • Switch from Unix DateTime to ISO 8601 compliant to adhere to Paseto registered claims
  • Add support for local authentication for v2
  • Add support for local authentication for v1
  • Add support for version detection when decoding
  • Add payload validation rules
  • Improve protocol versioning
  • Add more documentation on the usage
  • Extend the fluent builder API
  • Add more tests


  • Uses Ed25519 algorithm from CodesInChaos Chaos.NaCl cryptography library.
  • Uses Blake2b cryptographic hash function from metadings repository.
  • Uses XChaCha20-Poly1305 AEAD from NaCl.Core repository.
You can’t perform that action at this time.