Free JWT generator (local HS256 / HS384 / HS512)
Build compact JWS tokens with a JSON payload and shared secret. Supports HS256, HS384, and HS512 via Web Crypto — your secret and payload stay in this tab. For RS256/ES256, use your framework or asymmetric keys; pair with the JWT decoder to inspect tokens.
How to use this tool
- 1
Open JWT generator
Create HMAC-signed JWTs for local development.
- 2
Set secret and payload
Choose algorithm, enter secret and JSON payload, optional time claims.
- 3
Copy the token
Copy the generated JWT and paste it into your app or decoder.
Quick facts
| Runs locally? | Yes — signing uses Web Crypto in your browser only. |
|---|---|
| Is anything uploaded? | No. Secrets and payloads stay in this tab. |
| Which algorithms? | HS256, HS384, and HS512 (symmetric HMAC) only. |
| Verify the token? | Use the JWT decoder tool with the same secret to inspect and verify. |
Top use cases
- Create HMAC-signed JWTs locally, optional iat/exp claims, copy token — no upload.
- Runs locally?: Yes — signing uses Web Crypto in your browser only.
- Is anything uploaded?: No. Secrets and payloads stay in this tab.
- Which algorithms?: HS256, HS384, and HS512 (symmetric HMAC) only.
- Verify the token?: Use the JWT decoder tool with the same secret to inspect and verify.
FAQ
Does my secret leave this device?▾
No. Signing runs entirely in your browser tab.
Can I generate RS256 tokens?▾
Not here — this tool only creates HMAC (HS*) tokens. Use OpenSSL or your API framework for RSA/EC keys.
Will existing payload claims be overwritten?▾
Optional iat and exp are merged into your JSON. If you already set iat/exp in the textarea, the checkbox and expiry preset replace them when enabled.
Is the output URL-safe?▾
Yes — standard compact JWS with Base64URL segments.
For production APIs?▾
Use only for local dev and tests. Rotate secrets and enforce exp/nbf on the server.
Which browsers work best?▾
Current Chrome, Edge, Firefox, and Safari with Web Crypto support.