Free Online JWT Generator

A JWT generator builds a signed JSON Web Token from a header, payload and secret using HMAC (HS256/384/512) per RFC 7519.

Your data is processed entirely in your browser and never sent to any server.

Instant results 100% private No signup needed

How to Use This Tool

  1. Pick the algorithm (HS256 is the standard default).
  2. Edit the header JSON if you need extra fields beyond alg and typ.
  3. Edit the payload JSON to set your claims — sub, exp, iat, iss, plus anything custom.
  4. Enter the signing secret, click Sign token, and copy the resulting JWT.

What Is a JWT Generator?

A JSON Web Token (RFC 7519) is three Base64Url-encoded segments — header, payload and signature — joined with dots. The header (JOSE header per RFC 7515) names the signing algorithm; the payload carries registered claims like `sub`, `exp`, `iat`, `iss`, `aud` plus any custom claims; the signature binds them together so a server can verify the token came from a holder of the signing key without storing session state.

This generator signs with HMAC — the HS-family algorithms. HS256 is the most common choice: short tokens, fast verification, just one shared secret. HS384 and HS512 widen the MAC at a small CPU cost. For multi-party verification where the issuer alone should be able to forge tokens, switch to RS256 (RSA signature) or ES256 (ECDSA), which need an asymmetric key pair this tool does not generate.

Tokens are signed locally and not stored. Never put real production secrets inside the payload — it is Base64-encoded, not encrypted, and anyone holding the token can read every claim.

Frequently Asked Questions

What's a JWT?
JSON Web Token — a Base64Url-encoded header and payload joined with a signature. It's commonly used for stateless API auth in an Authorization: Bearer header.
HS256 vs RS256?
HS256 uses a shared secret (HMAC). RS256 uses an RSA key pair. This tool generates HS* tokens; use RS256 servers when public verification is needed.
What should I put in the payload?
Standard claims (sub, iss, aud, exp, iat, nbf) plus your own. Don't put secrets there — the payload is Base64, not encrypted.

Published by the WeGotEveryTool team. We build and test every tool in-house and update pages when the underlying spec, formula, or recommendation changes.

Reviewed: May 2026. Disclaimer: this tool is provided as-is for general informational use. For decisions with material consequences (medical, legal, financial, security) verify results against a qualified professional source.

Related Encryption & Security

HMAC Generator

Generate HMAC (keyed-hash MAC). Verify integrity and authenticity with a shared secret key.

API Key Generator

Generate cryptographically random API keys. Hex, Base64, Base62 or alphanumeric with optional prefix.

AES Encrypt / Decrypt

Encrypt and decrypt with AES-GCM. Symmetric encryption using a passphrase-derived key.

Secure Password Generator

Generate cryptographically random passwords with entropy display and custom symbol sets.

You Might Also Like

JWT Decoder

Developer Tools