ToolWren › JWT Generator

JWT Generator

Build a signed JSON Web Token from your own payload and secret. Signing uses the browser's native Web Crypto API, so your secret never leaves your device.

100% client-side · nothing is uploaded

Loading tool…

How to use the JWT Generator

Choose the signing algorithm (HS256/384/512).
Edit the payload JSON with your own claims, and enter a secret.
Click Generate & Sign to build the signed token.
Click Copy to use the token — paste it into the JWT Decoder to inspect it.

Privacy: this tool runs entirely in your browser. Your input is never sent to, received by, or stored on any server — there are no uploads and no tracking of what you enter.

About JWT Generator

Creating a signed JWT

Provide a JSON payload (the claims) and a shared secret, choose an HMAC algorithm (HS256, HS384 or HS512), and the tool produces a complete header.payload.signature token ready to use in an Authorization header.

HMAC signing

HMAC algorithms sign the token with a symmetric secret. The same secret is needed to verify it later. For public/private key signing (RS256/ES256) you would generate the signature server-side with your private key.

Use responsibly

Generated tokens are only as secure as your secret. Use a long, random secret, and remember that anyone with the secret can mint valid tokens.

Frequently asked questions

Does my secret get sent anywhere?

No. Signing happens locally with the Web Crypto API; the secret and payload never leave your browser.

Which algorithms are supported?

HMAC with SHA-256, SHA-384 and SHA-512 (HS256/HS384/HS512).

Can I generate RS256 tokens?

Not here — RS256/ES256 need an asymmetric private key and are best generated server-side. This tool focuses on HMAC tokens.

How do I check the token?

Paste the result into our JWT Decoder to inspect the header and payload.