The algorithm is used to perform digital signature (not encryption) on the header and marker payload. If you want to encrypt the token payload, you need to apply EWE estandard (see RFC )
Is there a practical difference between the HS256 and HS512 encryption algorithms, or is there additional protection against an excess redundant key compared to an already indestructible key? Which one should be used to encrypt the JWT token?
HS256 means HMAC-SHA256. The difference with HS512 is the power of hash methods. You can see keylength.com and this answer . You will see that even the SHA-256 has a fairly large margin of safety. Moreover, the HMAC algorithm does not pay much attention to attacks on the main hashing algorithm. Thus, you can safely use the HMAC-SHA1
Is it even possible to use HS512 encryption using jQuery java?
I am reviewing the code and this is possible (but not documented). Use something similar to
JWTSigner.Options options = new JWTSigner.Options(); options.setAlgorithm(Algorithm.HS512); jwtSigner.sign(claims, options);