# JSON Web Token (JWT)

A JSON Web Token (JWT) is used when non-repudiation between parties is required. A statement, of which the data is encoded in JSON, is digitally signed to protect the authenticity and integrity of the statement.

iSHARE uses signed JWTs in the following ways:

1. In a request for an OAuth Access Token or an OpenID Connect ID token, the client sends a signed JWT. The client is authenticated based on the verification of the JWT's signature.
2. Delegation evidence is presented as a signed JWT. The signature of the Authorisation Registry or Entitled Party provides proof to other parties.
3. In a response from a server, iSHARE metadata is presented as a signed JWT. The signature is used to bind the iSHARE metadata (such as license information) in the JWT to the content of the response.
4. A service from an iSHARE Service Provider MAY require a request to be signed.

On [this page](https://dev.ishare.eu/reference/ishare-jwt), the generic requirements for a signed iSHARE JWT are specified.


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://dev.ishare.eu/introduction/specific-technical-standards/json-web-token-jwt.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.