2015-01-23 2026-02-05 Specification Required Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Sean Turner, Mike Jones, Filip Skokan alg Algorithm JWS jku JWK Set URL JWS jwk JSON Web Key JWS kid Key ID JWS x5u X.509 URL JWS x5c X.509 Certificate Chain JWS x5t X.509 Certificate SHA-1 Thumbprint JWS x5t#S256 X.509 Certificate SHA-256 Thumbprint JWS typ Type JWS cty Content Type JWS crit Critical JWS alg Algorithm JWE enc Encryption Algorithm JWE zip Compression Algorithm JWE jku JWK Set URL JWE jwk JSON Web Key JWE kid Key ID JWE x5u X.509 URL JWE x5c X.509 Certificate Chain JWE x5t X.509 Certificate SHA-1 Thumbprint JWE x5t#S256 X.509 Certificate SHA-256 Thumbprint JWE typ Type JWE cty Content Type JWE crit Critical JWE epk Ephemeral Public Key JWE apu Agreement PartyUInfo JWE apv Agreement PartyVInfo JWE iv Initialization Vector JWE tag Authentication Tag JWE p2s PBES2 Salt Input JWE p2c PBES2 Count JWE iss Issuer JWE sub Subject JWE aud Audience JWE b64 Base64url-Encode Payload JWS ppt PASSporT extension identifier JWS url URL JWE, JWS nonce Nonce JWE, JWS svt Signature Validation Token JWS iheSSId The iheSSId header parameter's value shall specify the SubmissionSet.uniqueId as per . JWS jwt This header contains a JWT. Processing rules MAY depend on the typ header value of the respective JWT. JWS OpenID for Verifiable Presentations 1.0, Section 12 client_id This header contains a Client Identifier. A Client Identifier is used in OAuth to identify a certain client. It is defined in , section 2.2. JWS trust_chain OpenID Federation Trust Chain JWS OpenID Federation 1.0, Section 4.3 peer_trust_chain OpenID Federation Peer Trust Chain JWS OpenID Federation 1.0, Section 4.4 Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Specification Required Sean Turner, Mike Jones, Filip Skokan HS256 HMAC using SHA-256 alg Required n/a HS384 HMAC using SHA-384 alg Optional n/a HS512 HMAC using SHA-512 alg Optional n/a RS256 RSASSA-PKCS1-v1_5 using SHA-256 alg Recommended n/a RS384 RSASSA-PKCS1-v1_5 using SHA-384 alg Optional n/a RS512 RSASSA-PKCS1-v1_5 using SHA-512 alg Optional n/a ES256 ECDSA using P-256 and SHA-256 alg Recommended+ n/a ES384 ECDSA using P-384 and SHA-384 alg Optional n/a ES512 ECDSA using P-521 and SHA-512 alg Optional n/a PS256 RSASSA-PSS using SHA-256 and MGF1 with SHA-256 alg Optional n/a PS384 RSASSA-PSS using SHA-384 and MGF1 with SHA-384 alg Optional n/a PS512 RSASSA-PSS using SHA-512 and MGF1 with SHA-512 alg Optional n/a none No digital signature or MAC performed alg Optional n/a RSA1_5 RSAES-PKCS1-v1_5 alg Recommended- n/a RSA-OAEP RSAES OAEP using default parameters alg Recommended+ n/a RSA-OAEP-256 RSAES OAEP using SHA-256 and MGF1 with SHA-256 alg Optional n/a A128KW AES Key Wrap using 128-bit key alg Recommended n/a A192KW AES Key Wrap using 192-bit key alg Optional n/a A256KW AES Key Wrap using 256-bit key alg Recommended n/a dir Direct use of a shared symmetric key alg Recommended n/a ECDH-ES ECDH-ES using Concat KDF alg Recommended+ n/a ECDH-ES+A128KW ECDH-ES using Concat KDF and "A128KW" wrapping alg Recommended n/a ECDH-ES+A192KW ECDH-ES using Concat KDF and "A192KW" wrapping alg Optional n/a ECDH-ES+A256KW ECDH-ES using Concat KDF and "A256KW" wrapping alg Recommended n/a A128GCMKW Key wrapping with AES GCM using 128-bit key alg Optional n/a A192GCMKW Key wrapping with AES GCM using 192-bit key alg Optional n/a A256GCMKW Key wrapping with AES GCM using 256-bit key alg Optional n/a PBES2-HS256+A128KW PBES2 with HMAC SHA-256 and "A128KW" wrapping alg Optional n/a PBES2-HS384+A192KW PBES2 with HMAC SHA-384 and "A192KW" wrapping alg Optional n/a PBES2-HS512+A256KW PBES2 with HMAC SHA-512 and "A256KW" wrapping alg Optional n/a A128CBC-HS256 AES_128_CBC_HMAC_SHA_256 authenticated encryption algorithm enc Required n/a A192CBC-HS384 AES_192_CBC_HMAC_SHA_384 authenticated encryption algorithm enc Optional n/a A256CBC-HS512 AES_256_CBC_HMAC_SHA_512 authenticated encryption algorithm enc Required n/a A128GCM AES GCM using 128-bit key enc Recommended n/a A192GCM AES GCM using 192-bit key enc Optional n/a A256GCM AES GCM using 256-bit key enc Recommended n/a EdDSA EdDSA signature algorithms alg Deprecated RS1 RSASSA-PKCS1-v1_5 with SHA-1 JWK Prohibited RSA-OAEP-384 RSA-OAEP using SHA-384 and MGF1 with SHA-384 alg Optional n/a RSA-OAEP-512 RSA-OAEP using SHA-512 and MGF1 with SHA-512 alg Optional n/a A128CBC AES CBC using 128 bit key JWK Prohibited A192CBC AES CBC using 192 bit key JWK Prohibited A256CBC AES CBC using 256 bit key JWK Prohibited A128CTR AES CTR using 128 bit key JWK Prohibited A192CTR AES CTR using 192 bit key JWK Prohibited A256CTR AES CTR using 256 bit key JWK Prohibited HS1 HMAC using SHA-1 JWK Prohibited ES256K ECDSA using secp256k1 curve and SHA-256 alg Optional SEC2 ML-DSA-44 ML-DSA-44 as described in US NIST FIPS 204 alg Optional FIPS-204 ML-DSA-65 ML-DSA-65 as described in US NIST FIPS 204 alg Optional FIPS-204 ML-DSA-87 ML-DSA-87 as described in US NIST FIPS 204 alg Optional FIPS-204 Ed25519 EdDSA using the Ed25519 parameter set in Section 5.1 of alg Optional Ed448 EdDSA using the Ed448 parameter set in Section 5.2 of alg Optional Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Specification Required Sean Turner, Mike Jones, Filip Skokan DEF DEFLATE Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Specification Required Sean Turner, Mike Jones, Filip Skokan EC Elliptic Curve Recommended+ RSA RSA Required oct Octet sequence Required OKP Octet string key pairs Optional AKP Algorithm Key Pair Optional Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Specification Required Sean Turner, Mike Jones, Filip Skokan P-256 P-256 Curve Recommended+ P-384 P-384 Curve Optional P-521 P-521 Curve Optional Ed25519 Ed25519 signature algorithm key pairs Optional Ed448 Ed448 signature algorithm key pairs Optional X25519 X25519 function key pairs Optional X448 X448 function key pairs Optional secp256k1 SECG secp256k1 curve Optional Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Specification Required Sean Turner, Mike Jones, Filip Skokan kty Key Type * Public use Public Key Use * Public key_ops Key Operations * Public alg Algorithm * Public kid Key ID * Public x5u X.509 URL * Public x5c X.509 Certificate Chain * Public x5t X.509 Certificate SHA-1 Thumbprint * Public x5t#S256 X.509 Certificate SHA-256 Thumbprint * Public crv Curve EC Public x X Coordinate EC Public y Y Coordinate EC Public d ECC Private Key EC Private n Modulus RSA Public e Exponent RSA Public d Private Exponent RSA Private p First Prime Factor RSA Private q Second Prime Factor RSA Private dp First Factor CRT Exponent RSA Private dq Second Factor CRT Exponent RSA Private qi First CRT Coefficient RSA Private oth Other Primes Info RSA Private k Key Value oct Private crv The subtype of key pair OKP Public d The private key OKP Private x The public key OKP Public ext Extractable * Public iat Issued At, as defined in * Public OpenID Federation 1.0, Section 8.7.2 nbf Not Before, as defined in * Public OpenID Federation 1.0, Section 8.7.2 exp Expiration Time, as defined in * Public OpenID Federation 1.0, Section 8.7.2 revoked Revoked Key Properties * Public OpenID Federation 1.0, Section 8.7.2 pub Public key AKP Public priv Private key AKP Private Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Specification Required Sean Turner, Mike Jones, Filip Skokan sig Digital Signature or MAC enc Encryption Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. Specification Required Sean Turner, Mike Jones, Filip Skokan sign Compute digital signature or MAC verify Verify digital signature or MAC encrypt Encrypt content decrypt Decrypt content and validate decryption, if applicable wrapKey Encrypt key unwrapKey Decrypt key and validate decryption, if applicable deriveKey Derive key deriveBits Derive bits not to be used as a key Specification Required Sean Turner, Mike Jones, Filip Skokan Registration requests should be sent to the mailing list described in . If approved, designated experts should notify IANA within three weeks. For assistance, please contact iana@iana.org. keys Array of JWK Values IESG mailto:iesg&ietf.org IETF mailto:iesg&ietf.org IHE ITI https://www.ihe.net 2025-02-27 OpenID Foundation Artifact Binding Working Group mailto:openid-specs-ab&lists.openid.net 2024-08-20 OpenID Foundation Digital Credentials Protocols Working Group mailto:openid-specs-digital-credentials-protocols&lists.openid.net 2025-08-13 W3C Web Application Security Working Group mailto:public-webappsec&w3.org 2024-10-16