Is my secret key safe?

Yes. Signing is performed entirely using the browser's built-in Web Crypto API. Your secret never leaves your device.

What algorithms are supported?

Currently HS256 (HMAC-SHA256) is supported. RS256 and ES256 require a key pair and are not included in this tool.

How do I set the expiry?

Enter the exp claim as a Unix timestamp. The tool provides a helper to set it to a relative time (e.g., +1 hour, +1 day) and converts it to the correct numeric value.

JWT Generator

Build and sign JWTs with HS256 using the Web Crypto API.

Algorithm

HS256

Secret key

Payload claims

Claim	Value

Related Tools

JWTJWT Decoder

Decode and inspect JSON Web Token header and payload.

EXWExplain JWT

Decode a JWT and annotate every claim with a human-readable explanation and validity status.

#Hash Generator

Generate SHA-1, SHA-256, SHA-384, and SHA-512 cryptographic hashes from any text.

FAQ

Is my secret key safe?: Yes. Signing is performed entirely using the browser's built-in Web Crypto API. Your secret never leaves your device.
What algorithms are supported?: Currently HS256 (HMAC-SHA256) is supported. RS256 and ES256 require a key pair and are not included in this tool.
How do I set the expiry?: Enter the exp claim as a Unix timestamp. The tool provides a helper to set it to a relative time (e.g., +1 hour, +1 day) and converts it to the correct numeric value.

Generate a signed JSON Web Token in your browser. Select the HS256 algorithm, enter your secret key, and fill in standard payload claims (iss, sub, exp, iat) plus custom fields. The tool signs the token using the Web Crypto API and shows the decoded header, payload, and signature breakdown.