> For the complete documentation index, see [llms.txt](https://docs.wem.io/platform/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.wem.io/platform/wemreference/functions/security/createjsonwebtokenh256.md).

# CreateJsonWebTokenH256

{% hint style="info" %}
The **`CreateJsonWebTokenH256()`** function returns the HMAC-SHA256 encoded JWT ([JSON Web Token](https://en.wikipedia.org/wiki/JSON_Web_Token)) for given payload (json value) and secret (password text), using the standard JWT header {alg=HS256 and typ=JWT} or a custom header.

This function is NOT SQL compatible. For more information about SQL compatibility, see our [documentation](/platform/wemreference/sql-compatibility.md).

*JWT tokens are used in authentication (Single Sign On) contexts, and designed to be compact, URL-safe and secure. Sites like Google or Zoom use JWT. They may provide information on how to work with their JWT for sign-on (with code examples for PHP, Python or C#), and if it supports the standard implementation, you can use this WEM Function to create the proper JWT - just provide the proper values for the payload and the secret. For the extensive standard information behind standard JWT, read the wiki pages.*

*This WEM implementation is following the basic standards - some sites may have custom implementations that deviate and therefore may not work with the WEM implementation.*
{% endhint %}

{% hint style="success" %}
Returns a Json Web Token ([wiki](https://en.wikipedia.org/wiki/JSON_Web_Token)) using the HMAC-SHA265 algorithm.\
Returns <mark style="color:red;">**`Unknown`**</mark> if one of the parameter values is unknown or outside the common valid boundaries.
{% endhint %}

### Syntax

<details>

<summary><code>CreateJsonWebTokenH256(</code><mark style="color:blue;"><code>payload</code></mark><code>, </code><mark style="color:blue;"><code>secret</code></mark><code>, </code><mark style="color:blue;"><code>secretisbase64encoded</code></mark><code>)</code></summary>

<mark style="color:blue;">`payload`</mark>=  { "sub": "1234567890", "name": "John Doe", "iat": 1516239022 }\ <mark style="color:blue;">`secret`</mark>= "12someSecret34"\ <mark style="color:blue;">`secretisbase64encoded`</mark> = false

*=> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.XKDbghkfPuObFZk-KuHB41t90E2YzIj89byAeqtV6lk*

</details>

<details>

<summary><code>CreateJsonWebTokenH256(</code><mark style="color:blue;"><code>payload</code></mark><code>, </code><mark style="color:blue;"><code>secret</code></mark><code>, </code><mark style="color:blue;"><code>secretisbase64encoded</code></mark><code>, </code><mark style="color:blue;"><code>customheader</code></mark><code>)</code></summary>

<mark style="color:blue;">`payload`</mark>=  { "sub": "1234567890", "name": "John Doe", "iat": 1516239022 }\ <mark style="color:blue;">`secret`</mark>= "12someSecret34"\ <mark style="color:blue;">`secretisbase64encoded`</mark> = false\ <mark style="color:blue;">`customheader`</mark> = { "alg": "HS256", "typ": "JWT" }

*=> eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.XKDbghkfPuObFZk-KuHB41t90E2YzIj89byAeqtV6lk*

</details>

### Parameters

<table><thead><tr><th width="283.70825474075616">Name</th><th width="150">Type</th><th width="150" align="center">Required</th><th width="248.15953250810662">Description</th><th data-hidden>Required?</th></tr></thead><tbody><tr><td><mark style="color:blue;"><code>payload</code></mark></td><td>text</td><td align="center"><span data-gb-custom-inline data-tag="emoji" data-code="2611">☑️</span></td><td>A json-formed set of claims (see <a href="https://en.wikipedia.org/wiki/JSON_Web_Token"><code>wiki</code></a>)</td><td>yes</td></tr><tr><td><mark style="color:blue;"><code>secret</code></mark></td><td>text</td><td align="center"><span data-gb-custom-inline data-tag="emoji" data-code="2611">☑️</span></td><td>Text or data field that holds the encryption secret.</td><td>yes</td></tr><tr><td><mark style="color:blue;"><code>secretisbase64encoded</code></mark></td><td>yes/no</td><td align="center"><span data-gb-custom-inline data-tag="emoji" data-code="2611">☑️</span></td><td>indicates whether the secret is base64 encoded (true) or plaintext (false)</td><td></td></tr><tr><td><mark style="color:blue;"><code>customheader</code></mark></td><td>text</td><td align="center"></td><td>You can also use a custom header according to the <a href="https://en.wikipedia.org/wiki/JSON_Web_Token"><code>JWT definition</code></a>.</td><td></td></tr></tbody></table>


---

# Agent Instructions
This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com.

## Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter, and the optional `goal` query parameter:

```
GET https://docs.wem.io/platform/wemreference/functions/security/createjsonwebtokenh256.md?ask=<question>&goal=<endgoal>
```

`ask` is the immediate question: it should be specific, self-contained, and written in natural language.
`goal` is optional and describes the broader end goal you are ultimately trying to accomplish on behalf of the user. GitBook uses it to tailor the answer towards what is most useful for that goal.

The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.