Which signing algorithms are supported?

The tool supports HMAC algorithms (HS256, HS384, HS512) for symmetric signing. These are the most common algorithms for development and testing scenarios.

Can I set custom expiration times?

Yes. You can set the exp (expiration), iat (issued at), and nbf (not before) claims using a date picker or by entering Unix timestamps directly.

Is my signing secret safe?

Yes. The secret key is used locally in your browser for signing and is never transmitted to any server. However, tokens generated with test secrets should never be used in production.

Generate JWT Online Free

Create JSON Web Tokens with custom headers, payloads and signing algorithms. This free tool generates JWTs entirely in your browser, so your signing secrets and token payloads are never exposed to any third-party server.

Open JWT Generator

JWT Generation Example

Header:
  { "alg": "HS256", "typ": "JWT" }

Payload:
  {
    "sub": "user-123",
    "name": "Jane Doe",
    "role": "admin",
    "iat": 1700000000,
    "exp": 1700086400
  }

Secret: my-secret-key

Generated Token:
  eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOi...

Common Use Cases

Creating test tokens for API development and debugging
Generating mock authentication tokens for frontend testing
Building tokens with custom claims for integration tests
Prototyping token-based auth flows before implementing server-side

Frequently Asked Questions

Which signing algorithms are supported?: The tool supports HMAC algorithms (HS256, HS384, HS512) for symmetric signing. These are the most common algorithms for development and testing scenarios.
Can I set custom expiration times?: Yes. You can set the exp (expiration), iat (issued at), and nbf (not before) claims using a date picker or by entering Unix timestamps directly.
Is my signing secret safe?: Yes. The secret key is used locally in your browser for signing and is never transmitted to any server. However, tokens generated with test secrets should never be used in production.