signWith
Signs the JWT using an HMAC (HS256/384/512) symmetric key.
Return
the resulting JwtInstance.Jws compact serialization
Parameters
the HMAC-based signing algorithm (HS256, HS384, or HS512)
the HMAC symmetric key to sign with
optional key ID to embed in the token header's kid field. Defaults to null.
Signs the JWT using an RSA PKCS#1 (RS256/384/512) private key.
Return
the resulting JwtInstance.Jws compact serialization
Parameters
the RSA PKCS#1-based signing algorithm (RS256, RS384, or RS512)
the RSA PKCS#1 private key to sign with
optional key ID to embed in the token header's kid field. Defaults to null.
Signs the JWT using an RSA PSS (PS256/384/512) private key.
Return
the resulting JwtInstance.Jws compact serialization
Parameters
the RSA PSS-based signing algorithm (PS256, PS384, or PS512)
the RSA PSS private key to sign with
optional key ID to embed in the token header's kid field. Defaults to null.
Signs the JWT using an ECDSA (ES256/384/512) private key.
Return
the resulting JwtInstance.Jws compact serialization
Parameters
the ECDSA-based signing algorithm (ES256, ES384, or ES512)
the ECDSA private key to sign with
optional key ID to embed in the token header's kid field. Defaults to null.
Signs the JWT using any SigningAlgorithm and raw Key.
Prefer the strongly typed overloads (e.g. signWith accepting HMAC.Key or RSA.PKCS1.PrivateKey) when possible, as they enforce the correct key type at compile time.
Return
the resulting JwtInstance.Jws compact serialization
Parameters
the JWS signing algorithm to use
the raw cryptography-kotlin key to sign with; must be compatible with algorithm
optional key ID to embed in the token header's kid field. Defaults to null.
Builds and returns a JWS compact serialization using a pre-built SigningKey.SigningOnlyKey.
Return
the resulting JwtInstance.Jws compact serialization
Parameters
the signing key (or key pair) used to produce the signature
optional key ID to embed in the JWT header's kid field. Defaults to the key ID stored in key's identifier.
Builds and returns a JWS compact serialization using a pre-built SigningKey.SigningKeyPair.
Return
the resulting JwtInstance.Jws compact serialization
Parameters
the signing key (or key pair) used to produce the signature
optional key ID to embed in the JWT header's kid field. Defaults to the key ID stored in key's identifier.
Signs the JWT using an HMAC key derived from the given Jwk.Oct symmetric JWK.
Return
the signed JwtInstance.Jws token
Parameters
the HMAC-based signing algorithm (HS256, HS384, or HS512)
the Oct JWK containing the raw symmetric key material
optional key ID override; when set, it is embedded in the token header's kid field. Defaults to the JWK's own kid field.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Signs the JWT using an RSA PKCS#1 private key derived from the given Jwk.Rsa JWK.
Return
the signed JwtInstance.Jws token
Parameters
the RSA PKCS#1-based signing algorithm (RS256, RS384, or RS512)
the RSA JWK containing the private key parameters
optional key ID override; when set, it is embedded in the token header's kid field. Defaults to the JWK's own kid field.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Signs the JWT using an RSA PSS private key derived from the given Jwk.Rsa JWK.
Return
the signed JwtInstance.Jws token
Parameters
the RSA PSS-based signing algorithm (PS256, PS384, or PS512)
the RSA JWK containing the private key parameters
optional key ID override; when set, it is embedded in the token header's kid field. Defaults to the JWK's own kid field.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Signs the JWT using an ECDSA private key derived from the given Jwk.Ec JWK.
Return
the signed JwtInstance.Jws token
Parameters
the ECDSA-based signing algorithm (ES256, ES384, or ES512)
the EC JWK containing the private key parameter d
optional key ID override; when set, it is embedded in the token header's kid field. Defaults to the JWK's own kid field.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Signs the JWT using an HMAC algorithm with a key decoded from a String.
Return
the signed JwtInstance.Jws token.
Parameters
the HMAC-based signing algorithm (HS256, HS384, or HS512).
the HMAC key material encoded as a String.
the format in which key is encoded.
optional key ID to embed in the token header's kid field. Defaults to null.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Signs the JWT using an RSA PKCS#1 algorithm with a private key decoded from a String.
Return
the signed JwtInstance.Jws token.
Parameters
the RSA PKCS#1-based signing algorithm (RS256, RS384, or RS512).
the RSA private key material encoded as a String.
the format in which key is encoded.
optional key ID to embed in the token header's kid field. Defaults to null.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Signs the JWT using an RSA PSS algorithm with a private key decoded from a String.
Return
the signed JwtInstance.Jws token.
Parameters
the RSA PSS-based signing algorithm (PS256, PS384, or PS512).
the RSA private key material encoded as a String.
the format in which key is encoded.
optional key ID to embed in the token header's kid field. Defaults to null.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default
Signs the JWT using an ECDSA algorithm with a private key decoded from a String.
Return
the signed JwtInstance.Jws token.
Parameters
the ECDSA-based signing algorithm (ES256, ES384, or ES512).
the EC private key material encoded as a String.
the format in which key is encoded.
optional key ID to embed in the token header's kid field. Defaults to null.
the CryptographyProvider used to decode the key; defaults to CryptographyProvider.Default