JSON Web Tokens are an open, industry standard method for representing claims securely between two parties.
—
HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), your-256-bit-secret )