The Javascript Object Signing and Encryption (JOSE) header is a JSON object that provides information on a token's type, method of construction, and any metadata. The keys to the JOSE header have a special meaning:
- typ: The media type of the JWT. It is recommended to use a value of "JWT".
- cty: The content type of the JWT. This header should only be used in the case of nested JWT, and its value must be "JWT" to indicate that the content of the outermost JWT is also a JWT.
- alg: The algorithm used to generate the signature.