With symmetric signature generation algorithms, both generation and validation of the JWT require the same secret. Similar to before, we pass the base-64 encoded header/claim set into the algorithm with the secret, and a Message Authentication Code (MAC) is produced. The MAC is attached with the claim set and header to produce the full JWT.
Examples of symmetric signature generation algorithms include the Keyed-hash message authentication code (HMAC) with the SHA hash algorithm, and includes HS256, HS384, and HS512.