With JWTs (JSON Web Tokens), we can create a claim and then sign it with public key encryption or HMAC. But what if we want to encrypt data with a JWT? For this, we can use AES encryption to encrypt the data. The header then becomes the form of:
{
"alg": "dir",
"enc": "A128GCM"
}
and where the payload is a byte stream that is encoded into the JWT: