JWT signing algorithms overview

Currently, you can use the ES256 and RS256 algorithms to sign JSON web tokens (JWT). However, you can only use the ES256 signing algorithm with ECDSA P-256 keys using the secp256k1 curve. These keys use a SECG curve over a 256 bit prime field that is also known as Koblitz curve.
Note: We don’t support the use of the ES256 signing algorithm with ECDSA keys using the random curve, also known as secp256r1 or prime256v1, at this moment.

This procedure guides you through the processes of generating keys and signing and verifying your JWTs.

Important: All openssl commands executed in this guide are run with the LibreSSL 2.6.5 version and this build number of Mac OS X:
ProductName: Mac OS X
ProductVersion: 10.14.6
BuildVersion: 18G95
To check the version and build number of your Mac OS X, use the sw_vers command.