kjwt-core/co.touchlab.kjwt.parser/JwtParser

JwtParser

class JwtParser(source)

Thread-safe JWT parser that parses, verifies, and validates JWS and JWE compact tokens.

Obtain an instance via JwtParserBuilder.build after configuring verification keys, decryption keys, and claim validators on the builder. Once built, a JwtParser instance is immutable and safe for concurrent use.

The parser enforces the following lifecycle for each token:

  1. Structural validation — correct number of parts (3 for JWS, 5 for JWE per RFC 7515/7516).

  2. Algorithm resolution — the alg (and enc) header values are mapped to known algorithms.

  3. Signature/decryption — the token is cryptographically verified or decrypted.

  4. Time-claim validation — exp and nbf claims are checked against the current clock.

  5. Custom claim validation — any validators registered on the builder are applied.

See also

Functions

Link copied to clipboard
suspend fun parse(token: String): JwtInstance

Auto-detects the token type and delegates to parseSigned (3 parts) or parseEncrypted (5 parts).

Link copied to clipboard
suspend fun parseEncrypted(token: String): JwtInstance.Jwe

Parses and validates a JWE compact token, returning the decrypted JwtInstance.Jwe.

Link copied to clipboard
suspend fun parseSigned(token: String): JwtInstance.Jws

Parses and validates a JWS compact token, returning the signed JwtInstance.Jws.

Generated by Dokka
© 2026 Touchlab