JWT Builder / Encoder

Build and sign JSON Web Tokens with HS256, HS384, or HS512. All processing happens in your browser.

🔒

Security reminder: JWTs are encoded, not encrypted — anyone with the token can read the payload. Never include passwords or secrets in the payload. Always verify tokens server-side.

What is a JSON Web Token?

A JSON Web Token (JWT) is a compact, self-contained way to securely transmit information between parties as a JSON object. The information is verified and trusted because it is digitally signed. JWTs are widely used for authentication and information exchange in web applications, APIs, and microservices.

A JWT consists of three Base64URL-encoded parts separated by dots: header.payload.signature. The signature is computed over the header and payload using a secret key, which allows the receiver to verify that the token has not been tampered with.

JWT Structure

javascript
// Header (base64url-encoded)
{
  "alg": "HS256",
  "typ": "JWT"
}

// Payload (base64url-encoded)
{
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022
}

// Signature
HMACSHA256(
  base64UrlEncode(header) + "." + base64UrlEncode(payload),
  secret
)

Standard JWT Claims

json
{
  // Registered claims (standard, optional but recommended)
  "iss": "https://auth.example.com",    // issuer
  "sub": "user_123",                    // subject
  "aud": "https://api.example.com",     // audience
  "exp": 1716239022,                    // expiration (Unix timestamp)
  "nbf": 1716235422,                    // not before
  "iat": 1716235422,                    // issued at
  "jti": "unique-token-id",             // JWT ID

  // Custom claims — your application data
  "role": "admin",
  "email": "user@example.com"
}

The payload can contain any JSON-serializable data, but avoid storing sensitive data such as passwords, credit card numbers, or personally identifiable information (PII). The payload is only Base64URL-encoded — anyone who obtains the token can decode and read it.

HMAC Algorithms Compared

AlgorithmHash FunctionKey LengthOutput SizeUse Case
HS256SHA-25632+ bytes recommended256 bits (32 bytes)General purpose, most common
HS384SHA-38448+ bytes recommended384 bits (48 bytes)Higher security, moderate overhead
HS512SHA-51264+ bytes recommended512 bits (64 bytes)Maximum security, largest tokens

Security Warnings

  • Never put secrets in the payload. The payload is only encoded, not encrypted. Anyone with the token can decode and read the payload in plain text.
  • Always verify server-side. Client-side validation of JWTs is not sufficient. Always verify the signature and claims (exp, iss, aud) on the server.
  • Use a strong secret. For HS256, use a secret of at least 256 bits (32 random bytes). Weak secrets can be brute-forced.
  • Set expiration (exp). Tokens without expiration remain valid forever. Use short-lived tokens and refresh token rotation.
  • Use HTTPS only. Transmit JWTs exclusively over TLS. Tokens intercepted over HTTP can be replayed by an attacker.
  • Consider asymmetric algorithms (RS256, ES256) for public clients. With HMAC, both parties need the same secret. RSA/ECDSA allow public key distribution.

When to Use JWTs

  • Stateless authentication — issue a token on login, verify on each request without a database lookup
  • API authorization — pass user roles and permissions in the token payload
  • Microservices — service-to-service authentication without a shared session store
  • Single sign-on (SSO) — share authentication across multiple domains

When NOT to Use JWTs

  • Session management — JWTs cannot be invalidated before expiration (use server-side sessions with Redis for revocable sessions)
  • Storing sensitive data — payload is publicly readable; use encrypted JWTs (JWE) if you must store private claims
  • Large payloads — JWTs are included in every request header; keep them small (under 4 KB)

Frequently Asked Questions

JWT tokens are Base64URL-encoded — this is encoding, not encryption. Anyone who obtains the token can decode the header and payload and read the contents. The signature only proves the token has not been modified, not that the payload is private. For encrypted JWTs, use JSON Web Encryption (JWE).

This builder supports HS256, HS384, and HS512 — all HMAC-based symmetric algorithms using SHA-2 hash functions. For asymmetric algorithms (RS256, ES256), you need a public/private key pair, which requires a backend service.

Use JSONKit's JWT Decoder tool. Paste your token and it will show you the decoded header, payload, and signature — no secret needed to decode (but you do need the secret to verify the signature).

For HS256, use a random secret of at least 32 bytes (256 bits). For HS384, use 48 bytes. For HS512, use 64 bytes. Generate secrets using a cryptographically secure random number generator, not a human-readable passphrase.

Yes, storing roles and permissions in the JWT payload is a common pattern. It avoids a database lookup on every request. However, remember the payload is public — do not put sensitive data in roles, and consider short expiration times so role changes take effect quickly.

If the header and payload are identical, a correctly implemented HMAC JWT should produce the same token each time (HMAC is deterministic). If you see different tokens, the input JSON object key order or whitespace may differ, or the timestamp fields (iat, exp) may have changed.

Related Tools