JWT Signing & Verification Tool
Local HMAC-based JWT signing and verification. Supports HS256/384/512.
Secret
Header (optional)
Payload
Output
What is JWT?
A self-contained token format for authentication. This tool supports HS/RS/ES algorithms locally.
Structure
- Header: alg & typ
- Payload: claims
- Signature: verification
- Three Base64URL parts
Algorithms
- HS: Symmetric Key
- RS: RSA Key Pair
- ES: ECDSA Key Pair
Common Claims
- iss (Issuer)
- sub (Subject)
- exp (Expiration)
- iat (Issued At)
Notes
- Keep keys secure
- Verify exp/nbf/iat
- Base64URL has no '='
- For debugging only
Usage
- Select Sign or Parse/Verify
- Enter Secret or Private Key
- Fill Header and Payload
- Execute to get results
FAQ
Which algorithms are supported?
HS256, HS384, HS512 (symmetric).
Will data be uploaded?
No. Everything runs locally in your browser.
Why are there no '=' paddings?
JWT uses base64url encoding, which omits '=' and replaces +/.