HS256

HS256 is an algorithm that creates and verifies cryptographic signatures using HMAC with the SHA-256 hash function. It is commonly referred to as "HMAC-SHA256" and is used to provide data integrity and authentication for messages, most notably within JSON Web Tokens (JWT).

In the context of JWT, HS256 is a symmetric signing algorithm. The token consists of a base64url-encoded header, a base64url-encoded payload, and a signature. The signature is produced by applying HMAC-SHA256 to the concatenation of the header and payload: signature = HMAC-SHA256(key, base64url(header) + "." + base64url(payload)). The resulting signature is then base64url-encoded and appended to the token. Verification uses the same secret key to recompute the signature and compare it to the one in the token.

Security considerations include the need to keep the shared secret confidential. The same key is used to sign and verify tokens, so a leaked key enables forgery of tokens for all relying services. Recommended practices include using a sufficiently long, random secret (often at least 256 bits), rotating keys regularly, and using key identifiers to distinguish keys. It is important to note that HS256 does not encrypt the payload; JWTs signed with HS256 provide integrity and authenticity but not confidentiality. If encryption of the payload is required, additional measures such as JWE or transport-layer encryption should be used. For scenarios requiring asymmetric verification, alternatives like RS256 or ES256 may be preferred.