[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Hard to understand","hardToUnderstand","thumb-down"],["Incorrect information or sample code","incorrectInformationOrSampleCode","thumb-down"],["Missing the information/samples I need","missingTheInformationSamplesINeed","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-09-04 UTC."],[],[],null,["# Class JsonWebSignature (2.0.0)\n\nVersion latestkeyboard_arrow_down\n\n- [2.0.0 (latest)](/java/docs/reference/google-http-client/latest/com.google.api.client.json.webtoken.JsonWebSignature)\n- [1.47.1](/java/docs/reference/google-http-client/1.47.1/com.google.api.client.json.webtoken.JsonWebSignature)\n- [1.46.3](/java/docs/reference/google-http-client/1.46.3/com.google.api.client.json.webtoken.JsonWebSignature)\n- [1.45.3](/java/docs/reference/google-http-client/1.45.3/com.google.api.client.json.webtoken.JsonWebSignature)\n- [1.44.2](/java/docs/reference/google-http-client/1.44.2/com.google.api.client.json.webtoken.JsonWebSignature)\n- [1.43.2](/java/docs/reference/google-http-client/1.43.2/com.google.api.client.json.webtoken.JsonWebSignature)\n- [1.42.3](/java/docs/reference/google-http-client/1.42.3/com.google.api.client.json.webtoken.JsonWebSignature)\n- [1.41.8](/java/docs/reference/google-http-client/1.41.8/com.google.api.client.json.webtoken.JsonWebSignature) \n\n public class JsonWebSignature extends JsonWebToken\n\n[JSON Web Signature(JWS)](https://tools.ietf.org/html/rfc7515).\n\nSample usage:\n\npublic static void printPayload(JsonFactory jsonFactory, String tokenString) throws IOException {\nJsonWebSignature jws = JsonWebSignature.parse(jsonFactory, tokenString);\nSystem.out.println(jws.getPayload());\n}\n\nImplementation is not thread-safe. \n\nInheritance\n-----------\n\n[java.lang.Object](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html) \\\u003e [JsonWebToken](/java/docs/reference/google-http-client/latest/com.google.api.client.json.webtoken.JsonWebToken) \\\u003e JsonWebSignature \n\nInherited Members\n-----------------\n\n[JsonWebToken.getHeader()](/java/docs/reference/google-http-client/latest/com.google.api.client.json.webtoken.JsonWebToken#com_google_api_client_json_webtoken_JsonWebToken_getHeader__) \n[JsonWebToken.getPayload()](/java/docs/reference/google-http-client/latest/com.google.api.client.json.webtoken.JsonWebToken#com_google_api_client_json_webtoken_JsonWebToken_getPayload__) \n[JsonWebToken.toString()](/java/docs/reference/google-http-client/latest/com.google.api.client.json.webtoken.JsonWebToken#com_google_api_client_json_webtoken_JsonWebToken_toString__) \n[Object.clone()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#clone--) \n[Object.equals(Object)](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#equals-java.lang.Object-) \n[Object.finalize()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#finalize--) \n[Object.getClass()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#getClass--) \n[Object.hashCode()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#hashCode--) \n[Object.notify()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notify--) \n[Object.notifyAll()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#notifyAll--) \n[Object.wait()](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait--) \n[Object.wait(long)](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-) \n[Object.wait(long,int)](https://docs.oracle.com/javase/8/docs/api/java/lang/Object.html#wait-long-int-)\n\nStatic Methods\n--------------\n\n### parse(JsonFactory jsonFactory, String tokenString)\n\n public static JsonWebSignature parse(JsonFactory jsonFactory, String tokenString)\n\nParses the given JWS token string and returns the parsed [JsonWebSignature](/java/docs/reference/google-http-client/latest/com.google.api.client.json.webtoken.JsonWebSignature).\n\n### parser(JsonFactory jsonFactory)\n\n public static JsonWebSignature.Parser parser(JsonFactory jsonFactory)\n\nReturns a new instance of a JWS parser.\n\n### signUsingRsaSha256(PrivateKey privateKey, JsonFactory jsonFactory, JsonWebSignature.Header header, JsonWebToken.Payload payload)\n\n public static String signUsingRsaSha256(PrivateKey privateKey, JsonFactory jsonFactory, JsonWebSignature.Header header, JsonWebToken.Payload payload)\n\nSigns a given JWS header and payload based on the given private key using RSA and SHA-256 as\ndescribed in [JWS using\nRSA SHA-256](http://tools.ietf.org/html/draft-ietf-jose-json-web-signature-11#appendix-A.2).\n\nConstructors\n------------\n\n### JsonWebSignature(JsonWebSignature.Header header, JsonWebToken.Payload payload, byte\\[\\] signatureBytes, byte\\[\\] signedContentBytes)\n\n public JsonWebSignature(JsonWebSignature.Header header, JsonWebToken.Payload payload, byte[] signatureBytes, byte[] signedContentBytes)\n\nMethods\n-------\n\n### getHeader()\n\n public JsonWebSignature.Header getHeader()\n\nReturns the header.\n\nOverriding is only supported for the purpose of calling the super implementation and\nchanging the return type, but nothing else.\n\n**Overrides** \n[JsonWebToken.getHeader()](/java/docs/reference/google-http-client/latest/com.google.api.client.json.webtoken.JsonWebToken#com_google_api_client_json_webtoken_JsonWebToken_getHeader__)\n\n### getSignatureBytes()\n\n public final byte[] getSignatureBytes()\n\nReturns the bytes of the signature.\n\n### getSignedContentBytes()\n\n public final byte[] getSignedContentBytes()\n\nReturns the bytes of the signature content.\n\n### verifySignature()\n\n public final X509Certificate verifySignature()\n\n[Beta](/java/docs/reference/google-http-client/latest/com.google.api.client.util.Beta) \n\nVerifies the signature of the content using the certificate chain embedded in the signature.\n\nCurrently only `\"RS256\"` algorithm is verified, but others may be added in the future.\nFor any other algorithm it returns `null`.\n\nThe certificate chain is verified using the system default trust manager.\n\nThe leaf certificate of the certificate chain must be an SSL server certificate.\n\n### verifySignature(PublicKey publicKey)\n\n public final boolean verifySignature(PublicKey publicKey)\n\nVerifies the signature of the content.\n\nCurrently only `\"RS256\"` and `\"ES256\"` algorithms are verified, but others may\nbe added in the future. For any other algorithm it returns `false`.\n\n### verifySignature(X509TrustManager trustManager)\n\n public final X509Certificate verifySignature(X509TrustManager trustManager)\n\n[Beta](/java/docs/reference/google-http-client/latest/com.google.api.client.util.Beta) \n\nVerifies the signature of the content using the certificate chain embedded in the signature.\n\nCurrently only `\"RS256\"` and `\"ES256\"` algorithms are verified, but others may\nbe added in the future. For any other algorithm it returns `null`.\n\nThe leaf certificate of the certificate chain must be an SSL server certificate."]]