In modern web applications, token-based authentication has become a popular method for providing secure access to resources. Tokens are typically used as a means of authentication and authorization, allowing users to access resources without having to re-authenticate for each request. This approach provides a better user experience and improves the overall security of the application.

There are various token formats available for token-based authentication. The most widely used formats are JOSE (JWS, JWE, and JWT) and PASETO. JOSE tokens are widely used in the industry and have been around for a while. On the other hand, PASETO is a relatively new token format that aims to improve upon the shortcomings of JOSE.

In this article, we will compare PASETO and JOSE token formats and discuss their respective advantages and disadvantages, so you can choose the right token format for your specific use case.

JOSE Token:

The JOSE (Javascript Object Signing and Encryption) format is a set of standards that define how to create, transmit, and verify signed and encrypted messages. The JOSE format consists of three types of tokens: JWS (JSON Web Signature), JWE (JSON Web Encryption), and JWT (JSON Web Token).

JWS tokens are used to digitally sign a JSON payload, providing integrity and authenticity to the message. The signature is generated using a shared secret or private key, and the signature can be verified using the corresponding public key. JWE tokens are used to encrypt the content of a message, providing confidentiality of the message. The content is encrypted using a shared secret or public key, and the content can be decrypted using the corresponding private key.

JWT tokens are used for securely transmitting claims between parties, such as user authentication information, in a compact and verifiable way. JWTs are usually composed of three parts: a header, a payload, and a signature. The header contains information about the signing algorithm and token type. The payload contains the claims, which are statements about an entity (typically, the user) and additional data. Finally, the signature is generated using the header and payload, along with a shared secret or private key, to provide integrity and authenticity to the message.

Each token format has its use case. JWS tokens are ideal for cases where the data needs to be signed and verified for authenticity but do not need to be encrypted. JWE tokens are suitable for cases where the data needs to be both encrypted and authenticated. JWT tokens are perfect for cases where a compact, verifiable, and secure way to transmit user authentication information is needed, such as in single sign-on (SSO) and stateless authentication scenarios.


PASETO (Platform-Agnostic Security Tokens) is an open-source token format for securing web applications, similar to JOSE (JWS, JWE, and JWT) token formats. However, PASETO is designed with a few key differences that offer several advantages over JOSE.

One of the key differences between PASETO and JOSE is that PASETO has a simpler and more secure token format. PASETO only supports two types of tokens: PASETO Local Tokens and PASETO Public Tokens. PASETO Local Tokens are encrypted and signed with a secret key, while PASETO Public Tokens are signed with a public key. In contrast, JOSE supports several token types, including JWS (JSON Web Signature), JWE (JSON Web Encryption), and JWT (JSON Web Token), each with its own set of options and configurations.

Another advantage of PASETO over JOSE is that PASETO is not tied to any specific platform or programming language. This means that PASETO can be implemented and used in any language or platform that supports cryptography. In contrast, JOSE is heavily tied to the JSON format, making it less flexible and more difficult to implement in non-JSON environments.

PASETO also provides a higher level of security than JOSE. For example, PASETO tokens have a built-in nonce that prevents replay attacks. PASETO also uses modern cryptographic primitives, such as Ed25519 for digital signatures and XChaCha20-Poly1305 for encryption, which is more secure than the primitives used by JOSE.

Overall, PASETO offers several advantages over JOSE in terms of simplicity, platform agnosticism, and security. However, JOSE is still a widely used token format and may be more appropriate in certain situations, such as when compatibility with existing systems is important.

Comparison between PASETO and JOSE:

  1. Token Format: JOSE tokens use JSON to encode the payload, while PASETO tokens use a binary format. The binary format used by PASETO makes it harder to tamper with the token.

  2. Security Features: Both PASETO and JOSE tokens support signature and encryption. However, PASETO is considered to be more secure due to its use of modern cryptographic primitives and the elimination of legacy algorithms. PASETO also provides built-in support for preventing token misuse, such as token replay attacks.

  3. Performance Comparison: PASETO tokens are generally faster to encode and decode than JOSE tokens due to their binary format. This means that PASETO tokens require less processing power to handle, which can be important in high-volume scenarios.

  4. Compatibility with Existing Systems: JOSE tokens are widely used in the industry and are supported by many libraries and platforms. PASETO, on the other hand, is a relatively new format and may not be supported by all systems.


In conclusion, both PASETO and JOSE token formats provide secure and efficient methods of implementing token-based authentication in modern web applications. While JOSE has been around for a longer time and has widespread adoption, PASETO offers some distinct advantages such as a simpler token format and better security features.

However, compatibility with existing systems may be a concern when choosing between the two formats. It is important to carefully consider the specific use case and requirements before making a decision on which token format to use.

Ultimately, both PASETO and JOSE are powerful tools that can be used to secure modern web applications, and the choice of which one to use will depend on many factors including the specific use case, security requirements, and existing infrastructure.


  1. PASETO Website. (

  2. JSON Web Token (JWT) Website. (

  3. JSON Object Signing and Encryption (JOSE) Website. (

I hope this helps, you!!

More such articles:


If this article adds any value to you then please clap and comment.

Let’s connect on Stackoverflow, LinkedIn, & Twitter.

Did you find this article valuable?

Support techwasti by becoming a sponsor. Any amount is appreciated!