Which signing algorithms are supported?

HS256, HS384, HS512 (HMAC with SHA), RS256 (RSA), and ES256 (ECDSA) are supported. HS256 is the most common for API development.

Can I set expiration and custom claims?

Yes. The payload editor lets you add any claims including exp, iat, sub, aud, and custom application-specific claims.

Is my signing secret safe?

Yes. All cryptographic operations run in your browser. Nothing is sent to any server.

Best Free Online JWT Generator

Generating test JWT tokens during API development — to simulate authenticated requests, test authorization logic, or populate fixture data — is a common need that usually requires writing a small script. devtoolkit.sh's JWT Generator lets you configure the header, payload claims, signing algorithm, and secret or key directly in the browser and produces a signed JWT instantly. It supports HS256, HS384, HS512, RS256, and ES256. The generated token can be decoded immediately to verify its contents. All signing happens in your browser — your secrets and private keys are never transmitted. This is ideal for testing protected API endpoints, seeding authentication fixtures, and learning how JWT signing works.

Algorithm

HS256

Secret key

Payload claims

Claim	Value

FAQ

Which signing algorithms are supported?: HS256, HS384, HS512 (HMAC with SHA), RS256 (RSA), and ES256 (ECDSA) are supported. HS256 is the most common for API development.
Can I set expiration and custom claims?: Yes. The payload editor lets you add any claims including exp, iat, sub, aud, and custom application-specific claims.
Is my signing secret safe?: Yes. All cryptographic operations run in your browser. Nothing is sent to any server.