Which binaries should I go for JWT for java?

Question

I am the novice to JWT token usage, while reading came to know from jwt.io that there are six versions with different types of binaries are available as below.

1. com.auth0 / java-jwt / 3.3.0
2. org.bitbucket.b_c / jose4j / 0.6.3
3. com.nimbusds / nimbus-jose-jwt / 5.7
4. io.jsonwebtoken / jjwt / 0.9.0
5. com.inversoft / prime-jwt / 1.3.0
6. io.vertx / vertx-auth-jwt / 3.5.1

Can anyone please explain to me what is the broad difference between them, except java version support.

Answer 1

A JWT can be cryptographically signed (making it a JWS) or encrypted (making it a JWE):

^{The image was extracted from this page.}

Take your pick based on the features supported by each implementation. As mentioned in the comments, JJWT and Nimbus JOSE + JWT seem to be the most widely used libraries for JWT in Java.

See the documentation for details on usage and supported features of both libraries:

• JJWT documentation on GitHub
• Nimbus JOSE + JWT documentation on BitBucket