Free Tool

JWT Encoder

Generate signed JSON Web Tokens with HS256, HS384, or HS512. Set custom header and payload, provide a secret, and copy the encoded JWT.

JWT Encoder

Algorithm

How it works

1. Base64URL-encode the header JSON and payload JSON separately.

2. Concatenate them as header.payload.

3. Sign that string using HMAC with your chosen SHA algorithm and secret.

4. Base64URL-encode the signature and append as header.payload.signature.

⚠ For development and testing only. Never expose real secrets in a browser tool.

How JWT signing works

HMAC-based JWT signing combines the Base64url-encoded header and payload with a secret key to produce a signature. The three parts are joined with dots to form the final token.

Security warning

Never use real production secrets in browser-based tools. This encoder is intended for development, testing, and learning only.

How to use

  1. Choose an algorithm (HS256, HS384, or HS512).
  2. Edit the payload JSON — add any claims you need.
  3. Enter a secret key.
  4. Click Generate JWT and copy the result.

Signing runs in your browser using the Web Crypto API — no data is sent to any server.

Frequently Asked Questions

Which algorithms are supported?
HS256, HS384, and HS512 (HMAC-SHA). RS256 and other asymmetric algorithms are not supported in this browser tool.
Is this safe to use with production secrets?
No. Never enter production secrets into any browser tool. Use this for development and testing only.

Related Tools

JWT Decoder

Decode JSON Web Tokens — view header, payload & expiry

Epoch

Unix timestamp converter and date utility

Password Generator

Generate strong random passwords with entropy scoring