2.2 Binary Encoding

JSON has no native binary data format, so a number of string encodings are used to represent binary data depending on context.

BASE64URL

This is a base64 encoding using a URL-safe alphabet, as described in RFC 4648 section 5, with the trailing padding characters (“=”) stripped.

This is the encoding used by the JOSE standards and will be found in the JWS, JWK and JWE objects used. This is documented in RFC 7515 section 2.

This encoding is also used in a few other non-JOSE members to maintain consistency.

BASE64

This is the standard base64 encoding, as described in RFC 4648 section 4, and includes the trailing padding characters (“=”).

This is used for encoding certificates (JOSE x5c members), presumably to more closely match the common PEM encoding that certificates are often found in.

HEX
In some cases, short binary values are expressed as lowercase hex strings. This is to match convention with how these values are typically seen and worked with.