← All tools

JWT Generator (HS256)

Build and sign real JSON Web Tokens with HMAC-SHA256, straight from your browser via WebCrypto. Set standard claims, add custom ones, and verify tokens against a secret. Nothing is uploaded.

Your signed token appears here.
Header and payload appear here after signing.
Verification result appears here.
const jwt = require("jsonwebtoken"); try { const payload = jwt.verify(token, secret); // HS256 by default console.log("valid:", payload); } catch (e) { console.error("invalid:", e.message); }
import jwt try: payload = jwt.decode(token, secret, algorithms=["HS256"]) print("valid:", payload) except jwt.InvalidTokenError as e: print("invalid:", e)

About this tool

Generates genuinely signed HS256 JSON Web Tokens using the browser's WebCrypto API — the same HMAC-SHA256 primitive your server uses — so the output verifies cleanly in jsonwebtoken, PyJWT, and any other standards-compliant library. HS384 and HS512 are deliberately omitted to keep the tool focused; HS256 covers the overwhelming majority of symmetric-JWT use cases, and adding algorithm choice invites misconfiguration.

Your secrets and tokens never leave the page — signing runs locally via WebCrypto, there is no server, no upload, and no tracking of tool inputs. Even so, treat any secret you paste into a browser as a test secret, not a production one.

Found this useful? 113 free, browser-only tools by Yuvrajsinh Jadav — an engineer who ships production AI systems. No account, nothing sent anywhere.