What is the difference between JSON Web Signature (JWS) and JSON Web Token (JWT)?

Question

I've been coding a RESTful service in Java. This is what I've understood till now:

Token authorization is done using JSON Web Tokens (JWT) which have three parts: the header, the payload, and the secret (shared between the client and the server).

I understood this concept and stumbled over JSON Web Signature (JWS) while reading about JWT.

JWS also is an encoded entity similar to JWT having a header, payload, and a shared secret.

What is the difference between the two concepts, namely JWT and JWS? And if they are alike technically, then what's the difference in their implementation?

This is the first time I'm working with token-based authentication, so it's possible I've misunderstood the concept altogether.

P.S.: I learned about JWS while browsing through the examples on this website.

Answer 1

JWT actually uses JWS for its signature. From the specification's abstract:

JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JavaScript Object Notation (JSON) object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or MACed and/or encrypted.

So a JWT is a JWS structure with a JSON object as the payload. Some optional keys (or claims) have been defined such as iss, aud, exp, etc.

This also means that its integrity protection is not just limited to shared secrets, but public/private key cryptography can also be used.

Answer 2

According to the spec (RFC7519) there are multiple varieties of JWT:

• Unsecured JWTs only have two parts (header and claims), that is, they omit any crypto part. The header contains "alg":"none".
• Claims encoded as the payload of a JWS (i.e., cryptographically signed). This is the typical three-part signed JWT.
• Claims encoded as the plaintext of a JWE (i.e., encrypted). This has more components (header, encrypted key, randomisation, ciphertext, integrity..).
• Nested JWTs...

Therefore a JWT can be either a JWS or a JWE, depending on what FORM of crypto is used to protect the integrity of the claims. That is, a JWT can either be signed or encrypted (or both, or neither); not every JWT is a JWS.

Conversely (by RFC7515), a JWS can be used to protect the integrity of any binary payload (not only of JSON formatted claims) so not every JWS is a JWT either.

Answer 3

To put it simply, JWT (JSON Web Token) is a way of representing claims, which are name-value pairs, into a JSON object. The JWT specification defines a set of standard claims to be used or transferred between two parties.

On the other hand, JWS (JSON Web Signature) is a mechanism for transferring a JWT payload between two parties with a guarantee for integrity. The JWS specification defines multiple ways of signing (for example, HMAC or digital signature) the payload and multiple ways of serializing the content to transfer across the network.