JWT Encoder

Create and sign JWT tokens using HMAC/Base64

JWT Settings
JWT Token
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
169 chars
3 parts

Related Auth Tools

What is JWT?

JSON Web Tokens (JWT) are an open standard for securely transmitting information between parties. A JWT consists of three parts: Header (algorithm & type), Payload (claims), and Signature (verification). Used extensively in authentication, API authorization, and single sign-on.

Frequently Asked Questions

What's the difference between JWT encode and decode?
Encoding creates a signed token from header + payload + secret. Decoding verifies and extracts the original data. Use our JWT Decoder tool to verify tokens created here.
How is the signature generated?
The signature is created by applying the chosen algorithm (HS256) to base64url(header) + "." + base64url(payload) using the secret key. This ensures token integrity.
Should I include sensitive data in JWT?
JWTs are base64-encoded, not encrypted. Anyone can decode and read the payload. Never include passwords or sensitive personal data—only non-sensitive claims.