JWT Generator Online: Create Custom Tokens
Free, secure, and instant JWT token generation right in your browser
JWT Token Generator
Header
Payload (Claims)
Signature
How JWT Generation Works
Steps to Generate a JWT
-
Create the Header
The header typically consists of the token type and the signing algorithm being used.
{"alg": "HS256", "typ": "JWT"} -
Create the Payload
The payload contains claims (statements about an entity) and additional data.
{"sub": "1234567890", "name": "John Doe", "iat": 1516239022} -
Create the Signature
The signature is created by encoding the header and payload, and then signing with the secret key.
HMACSHA256( base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)
-
Put it All Together
Combine the encoded header, payload, and signature with dots (.) between them.
xxxxx.yyyyy.zzzzz
JWT Algorithms
HMAC (Symmetric)
Uses a single secret key for both signing and verification.
- HS256 - HMAC with SHA-256
- HS384 - HMAC with SHA-384
- HS512 - HMAC with SHA-512
RSA (Asymmetric)
Uses a private key for signing and a public key for verification.
- RS256 - RSA with SHA-256
- RS384 - RSA with SHA-384
- RS512 - RSA with SHA-512
ECDSA (Asymmetric)
Uses Elliptic Curve cryptography for improved security with smaller key sizes.
- ES256 - ECDSA with P-256 and SHA-256
- ES384 - ECDSA with P-384 and SHA-384
- ES512 - ECDSA with P-521 and SHA-512
Common JWT Use Cases
Authentication
Securely transmit user identity information after login to maintain sessions.
Authorization
Grant specific permissions and access control using claims in the token payload.
API Authentication
Secure API endpoints with tokens to validate client requests without sessions.
Information Exchange
Securely share information between parties with tamper-proof guarantee.