Does my secret get sent to a server?

No. Signing runs entirely in your browser using the Web Crypto API (crypto.subtle.sign). The secret, header, and payload never leave the page, which makes this safe for testing real keys.

What algorithm does it use?

It always signs with HS256 (HMAC using SHA-256), the most common symmetric JWT algorithm. The encoded header's alg field is forced to HS256 so the token verifies correctly regardless of what you typed.

Can it produce RS256 or ES256 tokens?

No. Those are asymmetric algorithms that sign with a private key. This tool is HS256-only because HMAC uses a single shared secret, which is what most APIs and test setups use.

Is the output a valid, verifiable JWT?

Yes. The output is base64url(header).base64url(payload).HMAC-SHA256(signing input). Any standard JWT library or jwt.io will verify it against the same secret you entered.

Should I sign production tokens here?

For testing and debugging, yes — nothing leaves your browser. For live production issuance, sign on your server inside your auth service so the secret is managed and rotated centrally.

JWT HS256 Encoder (Client-Side)

Sign a JWT without leaving your browser

A JSON Web Token (JWT) is three base64url-encoded parts joined by dots: a header, a payload of claims, and a signature. This tool builds all three from JSON you control and signs them with HS256 — HMAC using SHA-256 — using a secret you provide. Everything happens client-side through the browser’s Web Crypto API, so your secret is never transmitted. It is built for developers debugging auth flows, crafting test fixtures, or learning exactly how a JWT is assembled.

How it works

A JWT is computed as:

header_b64    = base64url(JSON header)
payload_b64   = base64url(JSON payload)
signing_input = header_b64 + "." + payload_b64
signature     = base64url( HMAC_SHA256(secret, signing_input) )
token         = signing_input + "." + signature

The alg field in the header is forced to HS256 so the declared algorithm always matches the signature that is actually computed — a common source of “invalid signature” bugs. Base64url is standard base64 with + replaced by -, / replaced by _, and trailing = padding stripped. The HMAC step uses crypto.subtle.sign with the UTF-8 bytes of your secret as the key.

Tips and notes

Common payload claims include sub (subject), iat (issued-at, a Unix timestamp), and exp (expiry). Remember that a JWT is signed, not encrypted — anyone can base64url-decode the payload and read it, so never put secrets in the claims. To verify the token elsewhere, use the exact same secret string. If a verifier rejects your token, check that the secret matches byte-for-byte and that no extra whitespace crept into the JSON.