A Python implementation of the JOSE (Javascript Object Signing and Encryption) framework, providing support for JSON Web Tokens (JWTs) using JWS (signatures) and JWE (encrypted claims). Useful for securely transferring claims such as authorization information between parties, including the ability to authenticate using JWS and keep claims opaque via JWE (with a subset of recommended algorithms).
Project status
- The repository appears quiet/dormant. The latest tagged update is 0.2.2 from 2015-01-15, and the upstream push was last seen on 2024-05-30, which indicates no recent, ongoing update activity in the tagged history.
- Update cadence is not evident from recent activity, but historically it released infrequently (2014-03-25 to 2014-11-25, then 2015-01-15). Relative to today (2026-06-09), there have been years with no new tagged updates.
AI summary generated 2026-06-09
Recent updates
0.2.2
2015-01-15Version 0.2.2 adds a mechanism to distinguish between legacy and newly issued JWE tokens by injecting a temporary version marker (__v). The core JWE encryption and authentication logic was modified to correct RFC compliance issues while keeping this version able to decrypt both legacy and newly issued tokens.
0.2.1
2014-11-25This release (0.2.1) introduces a new error handling model via a jose.Error base exception plus specific claim-validation exceptions (jose.Expired, jose.NotYetValid). It also adds optional claim validation controls to token verification/decryption, updates tests and documentation accordingly, and adds a CLI entry point to the package.
Features0.1
2014-03-25No release notes were provided for version 0.1, so the specific changes, API impact, and fixes cannot be determined from the publisher-provided information. Developers should review the actual tagged code diff for this release to identify potential breaking changes or behavioral updates.