Confusion with encrypt, validation, and decrypt of JWE using JWT and Microsoft.IdentityModel.Tokens classes
I have a specific use-case where I need to JSON serialize a payload class, encrypt, pass along via handshakes between multiple application APIs in disparate domains, and each receiver must validate and decrypt the serialized class for rehydration and usage within the APIs. Leveraging the foundation and features of JWTs was a logical choice as the carrier for this payload. JWE was selected to gain confidentiality in the JWT’s payload.
Keys will be generated with legitimate certs for actual production implementation. Existing software infra is mostly MS .NET Core.