RS256 vs HS256 — JWT Algorithm Comparison
Quick Answer: HS256 uses a shared secret (symmetric) -- both issuer and verifier need the same key. RS256 uses a public/private key pair (asymmetric) -- only the issuer has the private key; anyone can verify with the public key. Use RS256 when multiple services verify tokens; HS256 for single-service setups.
FAQ
Which JWT algorithm should I use?
Use RS256 for microservices (public key verification without sharing secrets) and for third-party auth (Auth0, Firebase). Use HS256 for simple single-server apps where key distribution is not a concern.
Is RS256 more secure than HS256?
Both are secure when used correctly. The advantage of RS256 is that the verification key (public) can be shared safely. The risk with HS256 is that if the shared secret leaks, anyone can forge tokens.
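The key-handling difference described above, as an added example (not code from the original page) using only Node's built-in crypto module. The helper names signJwt, verifyJwt and demo are hypothetical, and the claims are constructed sample values.

```javascript
const crypto = require('node:crypto');

const b64u = (data) => Buffer.from(data).toString('base64url');

// Sign "header.payload" with HS256 (HMAC-SHA256) or RS256 (RSA PKCS#1 v1.5 + SHA-256).
function signJwt(payload, alg, key) {
  const input = b64u(JSON.stringify({ alg, typ: 'JWT' })) + '.' + b64u(JSON.stringify(payload));
  const sig = alg === 'HS256'
    ? crypto.createHmac('sha256', key).update(input).digest()
    : crypto.sign('sha256', Buffer.from(input), key); // throws unless key is a private key
  return input + '.' + b64u(sig);
}

// Verify with the algorithm this verifier expects. Returns the claims, or null.
function verifyJwt(token, alg, key) {
  const [h, p, s, ...rest] = token.split('.');
  if (!h || !p || !s || rest.length) return null;
  try {
    if (JSON.parse(Buffer.from(h, 'base64url').toString()).alg !== alg) return null;
    const input = Buffer.from(h + '.' + p);
    const sig = Buffer.from(s, 'base64url');
    let ok;
    if (alg === 'HS256') {
      const expected = crypto.createHmac('sha256', key).update(input).digest();
      ok = sig.length === expected.length && crypto.timingSafeEqual(sig, expected);
    } else {
      ok = crypto.verify('sha256', input, key, sig);
    }
    return ok ? JSON.parse(Buffer.from(p, 'base64url').toString()) : null;
  } catch { return null; }
}

// Constructed demo: what each party can do with the key material it holds.
function demo() {
  const claims = { sub: 'user-1', role: 'user' }; // constructed sample claims
  const secret = crypto.randomBytes(32);          // HS256: issuer and every verifier hold this
  const { publicKey, privateKey } = crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const rsToken = signJwt(claims, 'RS256', privateKey);
  // Any holder of the HS256 secret can issue tokens, not just check them.
  const mintedByVerifier = signJwt({ sub: 'user-1', role: 'admin' }, 'HS256', secret);
  let publicKeyCanSign = true;
  try { signJwt(claims, 'RS256', publicKey); } catch { publicKeyCanSign = false; }
  const tampered = rsToken.replace(/\.[^.]+\./, '.' + b64u('{"role":"admin"}') + '.');
  return {
    hsRoundTrip: verifyJwt(signJwt(claims, 'HS256', secret), 'HS256', secret),
    rsRoundTrip: verifyJwt(rsToken, 'RS256', publicKey),
    hsMinted: verifyJwt(mintedByVerifier, 'HS256', secret),
    publicKeyCanSign,
    rsTampered: verifyJwt(tampered, 'RS256', publicKey),
  };
}
```

Calling demo() shows that a service holding the HS256 secret produces tokens that verify, while a service holding only the RS256 public key can check signatures but cannot create them.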