JWT Generator
Create and sign an HS256 JWT, or verify a token's signature.
What it does
Enter a JSON payload and a secret, and this tool signs a JWT using HMAC-SHA256 (HS256) via your browser's native Web Crypto API. It can also verify whether an existing HS256 token's signature matches a given secret.
Common errors
Only HS256 is supported
This generator signs and verifies HS256 (HMAC) tokens only. RS256/ES256 (asymmetric) tokens require a private/public key pair and aren't supported here.
FAQ
No. Signing uses the browser's native SubtleCrypto API entirely client-side — your secret and payload never leave your device.