Which signing algorithms are supported?

HS256, HS384, HS512 (HMAC), RS256/384/512 (RSA), and ES256/384/512 (ECDSA) are all available.

Can I set custom expiry times?

Yes. Add an exp claim with a Unix timestamp or use the relative time picker (e.g. +1h).

Use only for testing. Generate production tokens server-side with a proper library to protect the signing key.

Yes. Paste a PEM-formatted RSA private key and the tool signs with RS256 correctly.

Fill in header and payload claims, add a secret, and generate a signed JWT.

Header (JSON) Payload (JSON) Secret (for display only, signing not supported in browser)

Output

Fill in header and payload claims, add a secret, and generate a signed JWT.

Last updated: 2026-06-09 · Reviewed by Nham Vu