How to use the JWT & OAuth Security Toolkit
Sign, verify, and inspect JSON Web Tokens with the full set of algorithms used in production: HS256 / HS384 / HS512 (HMAC), RS256 / RS384 / RS512 (RSA), ES256 / ES384 (ECDSA), PS256 / PS384 / PS512 (RSA-PSS), and EdDSA. Generate OAuth 2.0 PKCE code verifier / challenge pairs (S256) for SPA, mobile, and CLI flows. Signing keys and HMAC secrets never leave your browser — all crypto runs locally via Web Crypto. Use this to debug login failures, test new auth integrations, simulate identity-provider responses, and verify what your backend really expects.
What it does
- Sign JWTs with HS256/384/512, RS256/384/512, ES256/384, PS256/384/512, EdDSA.
- Verify JWT signatures against a secret (HS) or public key (RS / ES / PS / EdDSA).
- Validate claims:
iss, aud, sub, exp, nbf, iat, custom claims, allowed algorithms, clock skew.
- Generate OAuth 2.0 PKCE code verifier and S256 code challenge.
- Build, edit, and round-trip header + payload JSON; flag unsafe header fields (
alg=none, jku, jwk).
- Hand off to the JWT Decoder for read-only inspection or the JWK / JWKS / PEM Converter for key conversion.
When to use it
- Confirm your auth service signs tokens with the configured secret or key.
- Verify a token against a known shared secret or public key while debugging a 401.
- Generate a PKCE verifier / challenge pair for a SPA, mobile, or CLI OAuth flow.
- Simulate what an identity provider would issue for an integration test.
- Spot algorithm-confusion or downgrade risks (HS256 + asymmetric key).
- Reproduce a production token locally to debug a claim mismatch.
How to use it
- Pick the algorithm your backend expects (HS256 for shared secrets, RS256 / ES256 for asymmetric).
- Provide the HMAC secret (HS) or the key pair (RS / ES / PS / EdDSA) in PEM or JWK form.
- Edit the header and payload JSON to match what your service issues.
- Click Sign to produce a JWT, then paste it back into Verify to confirm the round trip.
- For OAuth flows, switch to the PKCE tab to generate a verifier / challenge pair.
- Inspect existing tokens with the JWT Decoder; convert public keys with the JWK / JWKS / PEM Converter.
Tips & pitfalls
- HS256 uses the same secret for signing and verifying — anyone with the secret can mint tokens. Treat it as a credential.
- Algorithm confusion: never allow the verifier to use a different algorithm than expected. A common attack swaps RS256 for HS256 using the public key as the HMAC secret.
- Decoding is not verification. Always verify the signature against the trusted key before trusting any claim.
- The PKCE
code_challenge is S256 (SHA-256 of the verifier) by default — required by most modern providers; plain is deprecated.
- Reject
alg=none in your verifier — it is a historical foot-gun.
- Set short
exp values and require aud / iss checks; do not rely on signature alone.
FAQ
- How do I sign a JWT in the browser? Pick the algorithm, provide the secret or key, set header + payload JSON, and click Sign.
- How do I verify a JWT against a public key? Pick RS256 / ES256 / PS256 / EdDSA, paste the public key (PEM or JWK), and paste the token.
- What is OAuth PKCE? Proof Key for Code Exchange — a mitigation for authorization-code interception in public clients. The verifier is random; the challenge is its SHA-256 hash, sent at /authorize.
- Are my keys uploaded? No. All signing, verification, and PKCE generation use Web Crypto in your browser.
- What algorithms are supported? HS256/384/512, RS256/384/512, ES256/384, PS256/384/512, EdDSA.
- Should I use HS256 or RS256? HS256 for trusted services with a shared secret; RS256 / ES256 when multiple verifiers need to validate without holding the signing key.
Related tools
Runs locally in your browser via Web Crypto. No uploads. HMAC secrets and private keys never leave your machine.
