JSONKit

Base64 Encoder / Decoder

Encode or decode Base64 — Standard, URL-safe, or Raw (no padding). Code snippets for Go, Python, JS, Java, Rust.

Code Snippet

What is Base64?

Base64 is an encoding scheme that converts binary data into a string of 64 printable ASCII characters. It was created to safely transmit binary content — like images, files, or binary payloads — through channels that only handle text, such as email (MIME), HTTP headers, or JSON fields.

The name "Base64" comes from the 64 characters it uses: uppercase A–Z, lowercase a–z, digits 0–9, and two special characters (+ and / in the standard variant). Every 3 bytes of binary input produce 4 Base64 characters, making the output about 33% larger than the original.

Base64 is not encryption — it is pure encoding. Anyone can decode it instantly. It exists only to make binary data safe to transport in text-only environments.

How Base64 Works

Base64 encoding works by grouping binary data into 6-bit chunks and mapping each chunk to one of 64 printable characters:

StepExample
Input textHi (2 bytes: 01001000 01101001)
Group into 3-byte blocks72, 105, pad
Split into 6-bit groups011001 000110 100100 padding
Map to Base64 alphabetS G k =
OutputSGk=

Base64 Variant Comparison

VariantCharsetPaddingGoUse case
StandardA-Z a-z 0-9 + /= paddingbase64.StdEncodingEmail (MIME), general data
URL-safeA-Z a-z 0-9 - _= paddingbase64.URLEncodingJWT, URL params, cookies
Raw (URL-safe)A-Z a-z 0-9 - _No paddingbase64.RawURLEncodingJWT tokens, compact storage

Go Base64 Encodings

go
import "encoding/base64"

data := []byte("Hello, World!")

// Standard (+ / with padding)
std := base64.StdEncoding.EncodeToString(data)
// => "SGVsbG8sIFdvcmxkIQ=="

// URL-safe (- _ with padding)
url := base64.URLEncoding.EncodeToString(data)
// => "SGVsbG8sIFdvcmxkIQ=="

// Raw URL-safe (- _ NO padding) — used in JWT
raw := base64.RawURLEncoding.EncodeToString(data)
// => "SGVsbG8sIFdvcmxkIQ"

// Decode
decoded, err := base64.RawURLEncoding.DecodeString(raw)
fmt.Println(string(decoded)) // Hello, World!

Common Use Cases

Use caseVariantWhy
JWT (JSON Web Tokens)Raw URL-safeCompact, URL-safe, no = padding issues
HTTP Basic AuthStandardAuthorization: Basic base64(user:pass)
Email attachments (MIME)StandardRFC 2045 specifies standard Base64
URL query parametersURL-safe- and _ are URL-safe; + and / are not
Data URIsStandarddata:image/png;base64,iVBOR...
Binary in JSONStandardJSON strings can contain Standard Base64

Frequently Asked Questions

Standard Base64 uses + and / as the 62nd and 63rd characters. These characters have special meaning in URLs, so URL-safe Base64 replaces them with - and _. The alphabet is otherwise identical.

Base64 output length is always a multiple of 4, padded with = characters. Raw variants omit this padding. JWT tokens use Raw URL-safe Base64 — the header and payload sections have no trailing = signs.

JWT uses Raw URL-safe Base64. Use base64.RawURLEncoding.DecodeString() instead of base64.StdEncoding. Also check if you need to replace - with + and _ with / if using StdEncoding.

No. Base64 is an encoding, not encryption. It converts binary data to ASCII text for safe transport, but provides no security. Anyone can decode it instantly. Use TLS for transport security and AES/RSA for encryption.

Related Tools

URL Encoder / Decoder

Encode or decode URLs — query, path, form encoding

Hash Generator

SHA-256, SHA-512, SHA-1 hashes and HMAC signatures

JSON Escape / Unescape

Escape JSON to a string literal or unescape it

HTML Escape / Unescape

Escape and unescape HTML entities for XSS prevention

JSON Formatter

Beautify and format JSON with indentation

UUID Generator

Generate UUID v4 and v7 identifiers in bulk