TL
Tool Lab
πŸ’°Donate
πŸ’°Donate

JWT Token Generator

Generate signed JSON Web Tokens with HS256, HS384, or HS512 algorithms.

Algorithm
Secret Key
Payload (JSON)

About This Tool

The JWT Token Generator creates signed JSON Web Tokens using HMAC-SHA algorithms (HS256, HS384, HS512). You supply a JSON payload and a secret key; the tool encodes the header and payload as Base64url, then signs the concatenated result with HMAC using the Web Crypto API. The three parts of the resulting token are color-coded: red for the header, green for the payload, and blue for the signature.

All signing happens entirely in your browser via the native crypto.subtleAPI. Your secret key and payload are never sent to any server. This tool is designed for learning, development, and testing β€” for production token issuance, use a server-side library.

How to Use

  1. Select an algorithm (HS256 is the most common).
  2. Enter your secret signing key in the Secret Key field.
  3. Edit the Payload JSON β€” add or remove claims as needed. Common claims: sub, name, iat, exp.
  4. Click Generate JWT to produce the signed token.
  5. Click Copy to copy the full token to your clipboard.

Use Cases

Developers testing API endpoints that require JWT authentication generate sample tokens with specific claims for manual testing in tools like curl or Postman. QA engineers create tokens with custom expiration times (exp) to test how the API handles expired sessions. Students learning JWT structure use this tool to see exactly how the three parts are encoded and joined. Back-end engineers verify token generation logic by comparing their library output against this tool's output.

FAQ

  • Is this tool safe to use with production secrets? β€” All computation is local in your browser, but avoid pasting real production secrets into any web tool as a best practice. Use a throwaway key for testing.
  • Does this support RS256 or ES256? β€” Not currently. Only HMAC-based algorithms (HS256/HS384/HS512) are supported, as asymmetric algorithms require a private key in PEM format which adds significant complexity.
  • What is the difference between HS256, HS384, and HS512? β€” The number indicates the SHA hash length in bits. HS512 produces a longer, stronger signature but the practical security difference is negligible for most applications.
  • Can I verify a token with this tool? β€” This generator does not verify. To verify JWTs, use our JWT Debugger.