sign
Parse an existing JWT and re-sign it with a new algorithm and/or key. The original claims are preserved. Use --alg none to strip the signature entirely.
jwtop sign <token> --alg <alg> (--secret <secret> | --key <pem-file>)| Flag | Description |
|---|---|
--alg | Target signing algorithm, or none (required) |
--secret | HMAC secret string |
--key | Path or URL to a PEM-encoded private key file |
Examples
Section titled “Examples”Change the signing key (same algorithm)
jwtop sign $TOKEN --alg HS256 --secret newsecretSwitch to an asymmetric algorithm
jwtop sign $TOKEN --alg RS256 --key /path/to/private.pemStrip the signature (alg=none)
jwtop sign $TOKEN --alg none- The input token’s claims and registered claim values are kept unchanged.
--alg nonedoes not require a key. The resulting token has an empty signature segment and its headeralgis set to"none".- See Strip or remove a token signature for context on when this is useful.