AES Encryption Explained: How It Works and Why It Matters
Jun 23, 2026
Create signed JSON Web Tokens with custom claims and algorithm selection.
JSON Web Token (JWT) is an open standard (RFC 7519) for securely transmitting information between parties as a JSON object. JWTs are commonly used for authentication and authorization in web applications and APIs.
A JWT consists of three parts separated by dots: Header (algorithm & token type), Payload (claims/data), and Signature (verified integrity). Signatures can be symmetric (HMAC with a shared secret) or asymmetric (RSA/ECDSA with a private/public key pair).
Symmetric algorithms using a shared secret key. The same key is used to sign and verify. Best for single-service applications where the verifier also knows the secret.
Asymmetric algorithms using a private key to sign and a public key to verify. The private key is never shared — only the public key is distributed. Ideal for microservices and third-party verification.
Asymmetric algorithms based on elliptic curve cryptography. Offer equivalent security to RSA with smaller key sizes. ES256 (P-256) is widely supported and recommended for new implementations.
Yes. JWT signing is performed entirely in your browser using the Web Crypto API. Your secret keys never leave your device.
HS256 uses a shared secret — both the signer and verifier must know it. RS256 uses a private key to sign and a public key to verify, allowing anyone with the public key to verify without knowing the private key.
Yes. Simply copy the generated token and include it in the Authorization: Bearer <token> header when making requests to your API.
All operations are performed in your browser using JavaScript. No data is sent to any server. The Web Crypto API provides hardware-accelerated cryptographic operations for HMAC and the jose library handles RSA and ECDSA signing.
Decode and verify JWT signatures
Decode and validate JWT tokens
Encrypt/decrypt with AES-256
Generate RSA key pairs in PEM format
Generate HMAC signatures
Test password strength and entropy
Blog
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026
Jun 23, 2026