skip to navigation
skip to content

PyJWT-mozilla 0.1.5

JSON Web Token implementation in Python

A Python implementation of [JSON Web Token draft 01](

This is Mozilla’s fork of [PyJWT]( which adds RSA algorithms, fixes some timing attacks, and makes a few other adjustments. It is used in projects such as [webpay](


Install the module with [pip]( or something similar:

pip install PyJWT-mozilla

This install step will also install/compile [M2Crypto]( so you will need swig for this. You can get it with a package manager like:

brew install swig

Alternatively you can probably find a binary package for M2Crypto with something like this:

sudo apt-get install python-m2crypto


import jwt jwt.encode({“some”: “payload”}, “secret”)

Note the resulting JWT will not be encrypted, but verifiable with a secret key.

jwt.decode(“someJWTstring”, “secret”)

If the secret is wrong, it will raise a jwt.DecodeError telling you as such. You can still get at the payload by setting the verify argument to false.

jwt.decode(“someJWTstring”, verify=False)


The JWT spec supports several algorithms for cryptographic signing. This library currently supports:

  • HS256 - HMAC using SHA-256 hash algorithm (default)
  • HS384 - HMAC using SHA-384 hash algorithm
  • HS512 - HMAC using SHA-512 hash algorithm
  • RS256 - RSA using SHA-256 hash algorithm
  • RS384 - RSA using SHA-384 hash algorithm
  • RS512 - RSA using SHA-584 hash algorithm

Change the algorithm with by setting it in encode:

jwt.encode({“some”: “payload”}, “secret”, “HS512”)


Install the project in a [virtualenv]( (or wherever) by typing this from the root:

python develop

Run the tests like this:

python tests/



File Type Py Version Uploaded on Size
PyJWT-mozilla-0.1.5.tar.gz (md5) Source 2015-03-27 5KB