CBOR Web Token (CWT)

Document Type Replaced Internet-Draft (individual)
Authors Erik Wahlstroem  , Michael Jones  , Hannes Tschofenig 
Last updated 2015-12-14 (latest revision 2015-12-04)
Replaces draft-wahlstroem-oauth-cbor-web-token
Replaced by RFC 8392
Stream (None)
Intended RFC status (None)
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Replaced by draft-ietf-ace-cbor-web-token
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


CBOR Web Token (CWT) is a compact means of representing claims to be transferred between two parties. CWT is a profile of the JSON Web Token (JWT) that is optimized for constrained devices. The claims in a CWT are encoded in the Concise Binary Object Representation (CBOR) and CBOR Object Signing and Encryption (COSE) is used for added application layer security protection. A claim is a piece of information asserted about a subject and is represented as a name/ value pair consisting of a claim name and a claim value.


Erik Wahlstroem (erik.wahlstrom@nexusgroup.com)
Michael Jones (mbj@microsoft.com)
Hannes Tschofenig (hannes.tschofenig@arm.com)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)