JWT Generator & Signer
Build and sign a JSON Web Token with your choice of HMAC or RSA algorithm. All signing is done locally with the Web Crypto API — your secret or private key never leaves the browser.
About JWT Signing
A signed JWT proves three things to whoever verifies it: the token was issued by a holder of the signing key, the payload has not been modified, and (if claims like exp are present) it is currently valid. Signing is mandatory for any non-toy use — never accept unsigned tokens.
This generator runs entirely in your browser using the Web Crypto API. Your secret or private key is never transmitted.
HMAC vs RSA — Which to Use?
- HS256/384/512 — symmetric. Both signer and verifier share the same secret. Faster, simpler. Use when the producer and consumer of the token are the same party (e.g. your monolith).
- RS256/384/512 — asymmetric. You sign with a private key; anyone can verify with the public key. Use when the verifier should not be able to forge tokens (e.g. an auth service issuing tokens consumed by many microservices, OAuth/OIDC).
- none — no signature. Only for testing how libraries handle unsigned tokens. Production verifiers must reject this algorithm explicitly.
Key Format
- HS* — any string. Recommended: 256+ random bits (e.g. openssl rand -base64 32).
- RS* — RSA private key in PKCS#8 PEM (-----BEGIN PRIVATE KEY-----). Generate with: openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 -out key.pem
Security Reminders
- Do not put secrets in the payload — JWT payloads are base64, not encrypted.
- Always set a reasonable exp claim. 1 hour for access tokens is a common default.
- The verifier must pin the expected alg — never trust the token's own header to choose the algorithm.
Frequently Asked Questions
Signing happens entirely in the browser via the Web Crypto API. The secret/private key is never sent to any server. That said, treat signing keys as sensitive — for production use, sign tokens on a trusted backend, not in a web tool. This generator is intended for development, testing, and learning.
HMAC (HS256, HS384, HS512) using a shared secret, and RSASSA-PKCS1-v1_5 (RS256, RS384, RS512) using an RSA private key in PEM PKCS#8 format. ECDSA generation is planned but not yet implemented.
PKCS#8 PEM, i.e. starting with -----BEGIN PRIVATE KEY-----. If you have a traditional RSA key (-----BEGIN RSA PRIVATE KEY-----), convert it with: openssl pkcs8 -topk8 -nocrypt -in old.pem -out new.pem
Just include them in the payload JSON. exp, nbf, and iat are Unix timestamps in seconds. The helper buttons add "exp = now + 1 hour" or "iat = now" to the current payload.
Yes — pick "none" from the algorithm list. The signature segment will be empty. This is supported strictly for testing JWT libraries. Never accept alg=none on a real verifier — it has caused real authentication bypass vulnerabilities (e.g. CVE-2015-2951 and many copycats).