JWT Encode Online — HS256 Only
Sign a compact JWT with HS256 from JSON claims and a secret. Convenience expiry presets. Does not verify signatures — pair with JWT Decode to inspect the result.
How JWT encode works
Paste a JSON claims object and a secret. Header is locked to alg=HS256, typ=JWT. iat is always set to now. If an expiry preset is selected, exp is overwritten. Encoding is not verification — use jwt-decode to inspect, and your identity stack for trust.
Options
Examples
Basic claims
Claims
Result
Inspect after encode
Claims
Result
Related tools
Inspect tokens with jwt-decode. Review JWKS locally via inspect-jwks. Encoding here does not replace a verified auth flow.
JWT encode FAQ
HS256 only
Does this verify JWTs?
No. It only signs HS256 tokens. Use your auth server or JWKS verifier for trust. See jwt-decode to inspect.
Which algorithms are supported?
HS256 only in v1. RS256/ES* and alg=none are out of scope.
Is this a secure JWT for production?
This is a local helper for fixtures and debugging — not a claim that tokens are “secure” or production-ready auth.
Looking for converters, encoders, formatters, and minifiers in one place? Developer tools hub Open the curated developer tools catalogue.