JWT Generator — Create JWT Tokens Online

JSON Web Token (JWT) is an RFC 7519 standard for compact, secure transmission of information between parties. This tool lets you create a JWT token with the desired claims and verify its structure before using it in your application.

Supported algorithms

HS256 — HMAC with SHA-256. Requires a secret key. The signature verifies the token's integrity;
none — unsigned. The signature part is empty. For debugging only.

Standard claims

iss — Issuer: the URL or name of the service that issued the token;
sub — Subject: the user or entity identifier;
aud — Audience: the intended recipient of the token;
exp — Expiration Time: Unix timestamp when the token expires;
iat — Issued At: issue time (added automatically).

Frequently Asked Questions

Which signing algorithm should I choose for a production application?

Always use HS256 (HMAC-SHA256) with a strong secret key for real projects. The "none" mode provides no security whatsoever and is only suitable for local testing or learning purposes. If you need asymmetric signing (RS256, ES256), our tool does not currently support those, but HS256 is sufficient for most internal services.
Can I use this generator to create a JWT with custom claims?

Yes, you can specify any claims in the payload field as a valid JSON object. Standard fields (sub, exp, iat, iss) are handled exactly the same as any custom ones. Just make sure the JSON syntax is correct, otherwise the generator will report an error. The resulting token can be used immediately in HTTP Authorization headers.
Is it safe to enter a secret key on this website?

Yes, completely safe. All token generation runs on your device in the browser. Neither the secret key nor the token payload is sent to the 101IP servers. You can verify this by disabling your internet connection after the page loads — the tool will continue to work. We do not store or log any input data.