JWT Generator & Signer
Create and sign JSON Web Tokens with HS256, HS384 or HS512 algorithms. Set custom claims and expiry. Runs entirely in your browser.
🔒 Security Tools
Free
Browser-based
What is a JWT?
A JSON Web Token (JWT) is a compact, URL-safe token for transmitting claims between parties. It consists of three Base64url-encoded parts separated by dots: Header (algorithm), Payload (claims) and Signature (integrity proof).
Standard JWT Claims
| Claim | Name | Description |
|---|---|---|
sub | Subject | Identifies the principal (e.g. user ID) |
iss | Issuer | Who issued the token |
aud | Audience | Intended recipients |
exp | Expiration | Unix timestamp when the token expires |
iat | Issued At | Unix timestamp when the token was issued |
jti | JWT ID | Unique identifier for the token |
HMAC vs RSA Signing
HS256/HS384/HS512 use a shared secret — both parties must know the same key. RS256/ES256 use asymmetric keys — the signer uses a private key and verifiers use the corresponding public key. Use HMAC for server-to-server tokens and RSA/EC for tokens verified by third parties.