Skip to content
Golang package of helper functions for encoding, signing, decoding and verifying JSON web tokens.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.

JWT Helper Functions

Golang package of helper functions for encoding, signing, decoding and verifying JSON web tokens.

Built on top of with a smaller and simpler API.

If you have any suggestions, problems or bug reports please create an issue and I'll do my best to accommodate you. In addition simply starring the repo would show your support for the project and be very much appreciated!


go get -u

Example Usage

Examples programs using the package for creating and verifying JSON web tokens with HMAC, RSA and ECDSA algorithms and programs for generating a secure HMAC key or RSA and ECDSA public and private key .pem files:

algorithm encoding decoding generating keys
HMAC encode hmac jwt decode hmac jwt generate hmac key
RSA encode rsa jwt decode rsa jwt generate rsa keys
ECDSA encode ecdsa jwt decode ecdsa jwt generate ecdsa keys


View the entire package documentation online at or offline with godoc .

func EncodeHMAC(claims jwt.Claims, key []byte) (string, error) {...}
func DecodeHMAC(tokenString string, key []byte) (jwt.MapClaims, error) {...}

func EncodeRSA(claims jwt.Claims, key *rsa.PrivateKey) (string, error) {...}
func DecodeRSA(tokenString string, key *rsa.PublicKey) (jwt.MapClaims, error) {...}
func EncodeRSAFromPemFile(claims jwt.Claims, file string) (string, error) {...}
func DecodeRSAFromPemFile(tokenString string, file string) (jwt.MapClaims, error) {...}

func EncodeECDSA(claims jwt.Claims, key *ecdsa.PrivateKey) (string, error) {...}
func DecodeECDSA(tokenString string, key *ecdsa.PublicKey) (jwt.MapClaims, error) {...}
func EncodeECDSAFromPemFile(claims jwt.Claims, file string) (string, error) {...}
func DecodeECDSAFromPemFile(tokenString string, file string) (jwt.MapClaims, error) {...}

var ErrTokenCouldNotBeParsed       = errors.New("token could not be parsed")
var ErrTokenIsNotJSONWebToken      = errors.New("token is not a json web token")
var ErrTokenIsNotValid             = errors.New("token is not valid")
var ErrTokenIsNotActiveYet         = errors.New("token is not active yet")
var ErrTokenIsExpired              = errors.New("token is expired")
var ErrTokenClaimsCannotBeAsserted = errors.New("token claims cannot be asserted")
You can’t perform that action at this time.