JWT Generator
Create and sign a JSON Web Token (JWT) with HS256, HS384, or HS512.
ToolsSoup's JWT Generator is a free online tool that builds and signs a JSON Web Token right in your browser. Pick an HMAC algorithm, paste your claims as JSON, type a secret, and get a ready-to-use header.payload.signature token in one click. The signing happens locally with the Web Crypto API, so your secret and claims never leave your device.
What is a JWT generator?
A JWT generator creates a signed JSON Web Token from a set of claims and a secret key. It encodes a header that names the signing algorithm and a payload that carries your claims, joins them, and appends an HMAC signature so the token can later be verified. The result is a compact, URL-safe string with three Base64URL parts separated by dots — the standard format expected by authentication systems and APIs.
How to generate a JWT online
Creating a signed token with ToolsSoup takes just a few seconds:
- Choose a signing algorithm — HS256, HS384, or HS512.
- Paste your claims into the payload box as valid JSON, for example a sub, name, and exp.
- Type the secret you want to sign the token with.
- Click Generate to produce the signed JWT, then copy it with one click.
Which algorithms are supported?
This generator signs tokens with the HMAC family: HS256, HS384, and HS512. These use a single shared secret for both signing and verification, which makes them ideal for testing, internal services, and any system where the same party issues and validates the token. The header is built automatically from your chosen algorithm with a typ of JWT, so you only need to supply the payload and the secret.
Is the signature real and verifiable?
Yes. The token is signed with a genuine HMAC computed by your browser's Web Crypto API, so it will verify against the same secret in any standard JWT library. Because the secret is symmetric, anyone with that secret can both create and validate matching tokens — keep production secrets private and use long, random values.
Why use this JWT generator?
- 100% free with no ads, sign-up, or usage limits.
- Runs entirely in your browser — your secret and claims are never uploaded to a server.
- Signs tokens with real HMAC using the Web Crypto API.
- Supports HS256, HS384, and HS512 signing algorithms.
- Builds the header automatically so you only edit the payload.
- Works offline once the page has loaded.
Frequently asked questions
Is this JWT generator free?
Yes. Every tool on ToolsSoup is completely free to use, with no account, sign-up, or hidden limits.
Is it safe to type my secret here?
Yes. All signing happens locally in your browser using the Web Crypto API, so your secret and payload are never sent to or stored on any server. Still, avoid pasting real production secrets where others can see your screen.
What is the difference between signing and encoding a JWT?
Encoding only Base64URL-encodes the header and payload, which anyone can read. Signing adds an HMAC computed from your secret so the token can be verified and detected if tampered with. This tool does both — it encodes the claims and signs them.
Which signing algorithms can I use?
You can sign with HS256, HS384, or HS512 — the HMAC family that uses a shared secret. RSA and ECDSA algorithms like RS256 use key pairs and are not supported here.
Will the token verify in my application?
Yes. The signature is a standard HMAC, so the generated token validates in any JWT library as long as you use the same secret and algorithm you selected here.
Are JWTs encrypted?
No. A signed JWT is only Base64URL-encoded, so anyone can read its payload. Never put sensitive data in a JWT unless you are using an encrypted JWT (JWE).