jsonwebtoken

v10.3.0 Stable

Create and decode JWTs in a strongly typed way.

MIT Edition 2024 MSRV 1.85.0

#api#token#jwt#jwk

GitHub ↗ crates.io ↗ Compare with…

Quick Verdict

✓Actively maintained (updated 59d ago)
✓Stable API (10.x for 10+ years)
✓Massive adoption (13.9K crates depend on it)
!Heavy dependency tree (24 direct deps)
✓Permissive license (MIT)

Security

Checking security advisories...

Downloads

110.3M

Dependents

13.9K

Releases

Size

65KB

Deep Insights

📈

Strong growth momentum

10.3M downloads in the last 30 days (344.3K/day), up 30% from the previous period.

🏛️

Foundational crate

13.9K crates depend on jsonwebtoken — it's part of the Rust ecosystem's core infrastructure. Removing it from your dependency tree would be extremely difficult.

⚠️

Single maintainer risk

jsonwebtoken has only 1 owner despite 13.9K dependents. This is a bus-factor concern — consider the implications for long-term support.

✅

Stable for 10+ years

The API has been stable (1.x) for over 10 years with 56 releases. This level of maturity means you can depend on it without worrying about breaking changes.

📦

Heavy dependency tree

24 direct dependencies. Consider the impact on compile times and supply chain complexity.

🌟

Used by top crates

Notable dependents include google-cloud-auth, octocrab, alloy-transport-http, ethers-providers, rmcp. When high-quality crates choose jsonwebtoken, it's a strong quality signal.