jsonwebtoken

v10.4.0 Stable

Create and decode JWTs in a strongly typed way.

MIT Edition 2024 MSRV 1.88.0

#api#token#jwt#jwk

GitHub ↗ crates.io ↗ Compare with…

Quick Verdict

✓Actively maintained (updated 14d ago)
✓Stable API (10.x for 10+ years)
✓Massive adoption (17.8K crates depend on it)
!Heavy dependency tree (25 direct deps)
✓Permissive license (MIT)

Security

Checking security advisories...

Downloads

130.7M

Dependents

17.8K

Releases

Size

65KB

Deep Insights

📊

Steady growth

11.3M downloads in the last 30 days (375.7K/day), up 16% from the previous period.

🏛️

Foundational crate

17.8K crates depend on jsonwebtoken — it's part of the Rust ecosystem's core infrastructure. Removing it from your dependency tree would be extremely difficult.

⚠️

Single maintainer risk

jsonwebtoken has only 1 owner despite 17.8K dependents. This is a bus-factor concern — consider the implications for long-term support.

✅

Stable for 10+ years

The API has been stable (1.x) for over 10 years with 57 releases. This level of maturity means you can depend on it without worrying about breaking changes.

📦

Heavy dependency tree

25 direct dependencies. Consider the impact on compile times and supply chain complexity.

🌟

Used by top crates

Notable dependents include google-cloud-auth, octocrab, rmcp, alloy-transport-http, ethers-providers. When high-quality crates choose jsonwebtoken, it's a strong quality signal.