Create your own JSON Web Tokens (JWTs) securely using our browser-based JWT Encoder. Encode header, payload, and optionally sign it with a secret—all done locally without sending data to a server.
A JSON Web Token (JWT) is a compact, self-contained way to represent claims that can be transmitted securely between parties. It is commonly used in authentication systems to verify user identities and pass metadata between services.
Encoding a JWT involves taking a JSON object (the header and payload) and converting it into a base64url-encoded format. If a secret key is provided, a signature is generated to protect the token from tampering.
The header contains metadata about the token, such as the signing algorithm and token type. Common algorithms include HS256, RS256, and ES256.
{
"alg": "HS256",
"typ": "JWT"
}The payload holds the actual data or claims. These claims can be about the user (e.g., sub or email) or other contextual information like expiration or role.
{
"sub": "abc123",
"role": "admin",
"exp": 1721112345
}If you choose to sign your token, a cryptographic signature is generated using the encoded header and payload along with a secret or private key. This prevents unauthorized tampering of the token.
HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), secret )
Yes! This tool runs entirely in your browser. Your header, payload, and secret key never leave your device, making it ideal for local development and learning.
Need to inspect an existing token? Try our JWT Decoder for a fast and secure way to view token contents.