JWT Generator — Sign HS256 Tokens
Create a signed HS256 JSON Web Token from your payload and a shared secret. The token is signed with Web Crypto right in your browser, so your secret and claims never leave your device — ideal for testing APIs and auth flows.
How to use it
- 1Edit the payload
Enter your claims as JSON (for example sub, name and exp).
- 2Enter a secret
Type the shared secret used to sign the token.
- 3Generate & copy
Press Generate to sign the HS256 token, then copy it.
How JWT signing works
A JWT has three parts: a header, a payload of claims, and a signature. For HS256 the signature is an HMAC-SHA256 of the header and payload using your secret. Anyone with the same secret can verify the token hasn’t been tampered with.
Because the secret is all that protects the token, keep it private. This tool signs locally so the secret is never transmitted — but never paste a real production secret into any online tool you don’t control.
Frequently asked questions
Is my secret sent to a server?
No. Signing happens entirely in your browser with the Web Crypto API; your secret and payload never leave your device.
Which algorithm is used?
HS256 (HMAC with SHA-256), the most common symmetric JWT algorithm.
Can I decode a token instead?
Yes — use the JWT Decoder tool to inspect an existing token’s header and payload.
Related tools
JWT Decoder
Decode a JSON Web Token to read its header, payload and claims, and verify HS256 signatures — all in your browser. Your token never leaves your device.
Hash Generator
Generate SHA-1, SHA-256, SHA-384 and SHA-512 hashes from text in your browser with the Web Crypto API. Copy the hex digest — nothing is sent to a server.
Base64 Encoder
Encode text to Base64 or decode Base64 back to text in your browser. Full UTF-8 support, copy with one click — nothing is sent to a server.