JWT Generator
SecurityGenerate signed JWTs with custom claims using HS256, RS256, or ES256. Set expiry, issuer, subject, and custom payload fields. Ideal for testing authentication flows.
All signing happens entirely in your browser via the WebCrypto API — no tokens, keys or data ever leave your device.
Claims
Secret Key
Configure & Generate
Choose an algorithm, fill in the claims and key, then click the arrow. For RSA/ECDSA, click Generate Key Pair first.
About JWT Generator
Building or testing authentication flows often requires creating valid JWTs quickly. This generator lets you define the header, payload claims, and signing algorithm, then produces a properly signed token you can use immediately in requests or test suites.
Features
- ✓HS256, HS384, HS512 signing with shared secrets
- ✓RS256/RS512 signing with PEM RSA private keys
- ✓ES256/ES512 signing with ECDSA keys
- ✓Form-based claim builder (iss, sub, aud, exp, nbf, iat)
- ✓Add arbitrary custom claims
- ✓Relative expiry shorthand (1h, 30m, 7d)
- ✓One-click copy of generated token
- ✓Paired token decode view for instant verification
Common Use Cases
- Generating test tokens for API integration testing
- Creating tokens with specific claims to reproduce edge-case bugs
- Demoing JWT authentication in presentations
- Generating tokens with future/past expiry to test validation logic
- Building mock authentication servers for frontend development
Frequently Asked Questions
QAre the generated tokens secure for production use?
Tokens generated here should be used for testing only. Production tokens must be generated server-side with secrets never exposed to a browser.
QWhat key format does RS256 expect?
RS256 expects a PKCS#1 or PKCS#8 PEM-encoded RSA private key. You can generate one with the RSA Key Generator tool.
QCan I verify the generated token?
Yes—use the JWT Decoder tool to inspect the token. Signature verification against the public key can be done server-side with your OAuth library.