JWT Builder
Compose a JWT from scratch — edit the header and payload JSON, choose HMAC-SHA256, and sign with your own secret key. All operations run in-browser using the Web Crypto API. Useful for testing API authentication, debugging token issues, and understanding the JWT format.
Ctrl+Enter to run · Ctrl+K to switch tools · Recent button shows input history
Let AI do the hard part. Fix broken HTML, convert to email-safe HTML, or clean up any markup in one click — 3 free AI runs per day, no account needed.
Try the AI HTML FixerFAQ
Is this safe to use with real secrets?
Yes — signing happens entirely in your browser via the Web Crypto API. Nothing is sent to any server. Treat any generated token as sensitive; don't paste real production secrets into untrusted online tools.
What is a JWT?
A JSON Web Token is a compact, URL-safe string encoding a JSON header, a JSON payload, and a cryptographic signature. The signature lets the server verify the payload hasn't been tampered with.