Nimbus JOSE+JWT vs jjwt

Nimbus JOSE+JWT

JSON Web Token (JWT) implementation for Java with support for signatures (JWS), encryption (JWE) and web keys (JWK). (by Connect2id)

Security

Source Code

Suggest alternative

Edit details

jjwt

Java JWT: JSON Web Token for Java and Android (by jwtk)

Security JWT Java java-jwt Jjwt jwt-token jwt-tokens jwt-authentication jwt-auth jwt-bearer-tokens jwt-server jwt-claims Jackson JSON Jwe Jwk jwk-thumbprint jwkset Jws jwk-thumbprint-uri

Source Code

Suggest alternative

Edit details

Our great sponsors

InfluxDB - Power Real-Time Data Analytics at Scale

WorkOS - The modern identity platform for B2B SaaS

SaaSHub - Software Alternatives and Reviews

Our great sponsors

Nimbus JOSE+JWT		jjwt
	Project
-	Mentions	4
40	Stars	9,847
-	Growth	1.4%
0.0	Activity	8.3
about 9 years ago	Latest Commit	4 days ago
	Language	Java
-	License	Apache License 2.0

The number of mentions indicates the total number of mentions that we've tracked plus the number of user suggested alternatives.
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.

Nimbus JOSE+JWT

Posts with mentions or reviews of Nimbus JOSE+JWT. We have used some of these posts to build our list of alternatives and similar projects.

We haven't tracked posts mentioning Nimbus JOSE+JWT yet.
Tracking mentions began in Dec 2020.

jjwt

Posts with mentions or reviews of jjwt. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-01-17.

Java JWT: JSON Web Token for Java and Android
1 project | news.ycombinator.com | 4 Oct 2023
A simple to use Java 8 JWT Library. Verify, Sign, Encode, Decode all day.
5 projects | /r/java | 17 Jan 2023

How does this compare to JJWT?
Null ECDSA Signatures - Proof of concept for bypassing JWT signature checks using CVE-2022-21449
2 projects | /r/netsec | 21 Apr 2022

Note that this PoC uses DER signature which is accepted by the jjwt library as fallback (see https://github.com/jwtk/jjwt/blob/master/impl/src/main/java/io/jsonwebtoken/impl/crypto/EllipticCurveSignatureValidator.java ), but that is not a standard. Standard is JOSE format.
JWT authentication in Spring Security and Angular
3 projects | dev.to | 14 Sep 2020

There are many open-source JWT implementations available for all languages. In this blog post, we use Java jjwt library in this blog post.

What are some alternatives?

When comparing Nimbus JOSE+JWT and jjwt you can also consider the following projects:

Spring Security - Spring Security

jwt-java - JSON Web Token implementation for Java according to RFC 7519. Easily create, parse and validate JSON Web Tokens using a fluent API.

Keycloak - Open Source Identity and Access Management For Modern Applications and Services

Bouncy Castle - Bouncy Castle Java Distribution (Mirror)

pac4j - Security engine for Java (authentication, authorization, multi frameworks): OAuth, CAS, SAML, OpenID Connect, LDAP, JWT...

Apache Shiro - Apache Shiro

java-jwt-benchmark - Project for benchmarking popular Json Web Token (JWT) frameworks for Java using JMH.

Okta Authentication SDK for Java - okta-auth-java

owasp-zap-jwt-addon - OWASP ZAP addon for finding vulnerabilities in JWT Implementations

Nimbus JOSE+JWT vs Spring Security jjwt vs jwt-java Nimbus JOSE+JWT vs Keycloak jjwt vs Spring Security Nimbus JOSE+JWT vs Bouncy Castle jjwt vs Bouncy Castle Nimbus JOSE+JWT vs pac4j jjwt vs Keycloak Nimbus JOSE+JWT vs Apache Shiro jjwt vs java-jwt-benchmark Nimbus JOSE+JWT vs Okta Authentication SDK for Java jjwt vs owasp-zap-jwt-addon

Compare Nimbus JOSE+JWT vs jjwt and see what are their differences.

Nimbus JOSE+JWT

jjwt

Nimbus JOSE+JWT

jjwt

What are some alternatives?