Skip to content
ConvenTools

JWT Generator — Sign HS256 Tokens

Runs in your browser — your files never leave your device

Create a signed HS256 JSON Web Token from your payload and a shared secret. The token is signed with Web Crypto right in your browser, so your secret and claims never leave your device — ideal for testing APIs and auth flows.

How to use it

  1. 1
    Edit the payload

    Enter your claims as JSON (for example sub, name and exp).

  2. 2
    Enter a secret

    Type the shared secret used to sign the token.

  3. 3
    Generate & copy

    Press Generate to sign the HS256 token, then copy it.

How JWT signing works

A JWT has three parts: a header, a payload of claims, and a signature. For HS256 the signature is an HMAC-SHA256 of the header and payload using your secret. Anyone with the same secret can verify the token hasn’t been tampered with.

Because the secret is all that protects the token, keep it private. This tool signs locally so the secret is never transmitted — but never paste a real production secret into any online tool you don’t control.

Frequently asked questions

Is my secret sent to a server?

No. Signing happens entirely in your browser with the Web Crypto API; your secret and payload never leave your device.

Which algorithm is used?

HS256 (HMAC with SHA-256), the most common symmetric JWT algorithm.

Can I decode a token instead?

Yes — use the JWT Decoder tool to inspect an existing token’s header and payload.