JWT signature verify — HMAC / RSA / ECDSA

Verify a JWT signature using WebCrypto — supports HS / RS / PS / ES with SHA-256/384/512. Paste an HMAC secret for HS*, or an SPKI PEM / JWK public key for RSA / ECDSA. exp / nbf are checked alongside the signature. Nothing leaves your browser.

How to use

Paste the JWT and the matching key. For HS256 / 384 / 512 use the HMAC secret as text; for RS / PS / ES use an SPKI PEM public key or a JWK. The algorithm is auto-detected from the header alg but can be overridden. Click Verify — WebCrypto checks the signature and also validates exp / nbf.

FAQ

Are keys or tokens uploaded?
No. Verification is performed entirely via the browser's WebCrypto API. Keys and tokens never leave your device.
Which algorithms are supported?
HS256 / 384 / 512, RS256 / 384 / 512, PS256 / 384 / 512, ES256 / 384 / 512. The "none" algorithm and custom algorithms are not supported.
Why do I get Invalid key?
HMAC takes the secret as raw bytes. For RSA / ECDSA you need an SPKI PEM (-----BEGIN PUBLIC KEY-----) or a JWK — X.509 certificate PEMs need their public key extracted first.
What is shown if the signature is valid but exp is in the past?
Signature OK and Timing: expired are shown separately, so you can decide based on your use case.
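
The verification flow described above, as an added example that is not the tool's own source: HS256 / 384 / 512 verification with WebCrypto, returning the signature result and the exp / nbf timing result as separate fields. The function names, the status strings, and the choice to pin the expected algorithm instead of auto-detecting it from the header are assumptions of this example.

```javascript
// Added example (not the tool's source): HS256/384/512 verification with WebCrypto.
const subtle = (globalThis.crypto || require("node:crypto").webcrypto).subtle;
const enc = new TextEncoder(), dec = new TextDecoder();
const HMAC_HASH = { HS256: "SHA-256", HS384: "SHA-384", HS512: "SHA-512" };

const b64uToBytes = (s) =>
  Uint8Array.from(atob(s.replace(/-/g, "+").replace(/_/g, "/")), (c) => c.charCodeAt(0));
const bytesToB64u = (b) =>
  btoa(String.fromCharCode(...b)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
const hmacKey = (secret, alg, usage) => // the secret's UTF-8 bytes are the raw HMAC key
  subtle.importKey("raw", enc.encode(secret), { name: "HMAC", hash: HMAC_HASH[alg] }, false, [usage]);

// Hypothetical helper, used only to build constructed sample tokens.
async function signHmacJwt(payload, secret, alg = "HS256") {
  const input = [{ alg, typ: "JWT" }, payload]
    .map((o) => bytesToB64u(enc.encode(JSON.stringify(o)))).join(".");
  const sig = await subtle.sign("HMAC", await hmacKey(secret, alg, "sign"), enc.encode(input));
  return `${input}.${bytesToB64u(new Uint8Array(sig))}`;
}

// expectedAlg is pinned by the caller; a header naming any other alg (including
// "none") is rejected before any crypto runs. Timing is evaluated only after the
// signature checks out, and is reported in its own field.
async function verifyHmacJwt(token, secret, expectedAlg, now = Math.floor(Date.now() / 1000)) {
  const bad = (signature) => ({ signature, timing: "unknown" });
  const parts = token.split(".");
  if (parts.length !== 3) return bad("malformed");
  const [h, p, s] = parts;
  let header, payload, sig;
  try {
    header = JSON.parse(dec.decode(b64uToBytes(h)));
    payload = JSON.parse(dec.decode(b64uToBytes(p)));
    sig = b64uToBytes(s);
  } catch { return bad("malformed"); }
  if (!Object.hasOwn(HMAC_HASH, expectedAlg) || header?.alg !== expectedAlg) return bad("alg-rejected");
  const key = await hmacKey(secret, expectedAlg, "verify");
  // The signed input is the first two segments exactly as received, not re-encoded.
  if (!(await subtle.verify("HMAC", key, sig, enc.encode(`${h}.${p}`)))) return bad("invalid");
  let timing = "valid";
  if (typeof payload?.nbf === "number" && now < payload.nbf) timing = "not-yet-valid";
  if (typeof payload?.exp === "number" && now >= payload.exp) timing = "expired";
  return { signature: "ok", timing };
}
```

A result of `{ signature: "ok", timing: "expired" }` corresponds to the case in the last FAQ entry: the caller sees both facts and decides what to do with them.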

Related tools

JWT Encode (sign) — HMAC / RSA / ECDSA via Web Crypto

Generate (sign) a JWT (JSON Web Token) entirely in your browser using the Web Crypto API. Supports HS256 / HS384 / HS512 (HMAC), RS256 / RS384 / RS512 (RSASSA-PKCS1-v1_5), PS256 / PS384 / PS512 (RSA-PSS), and ES256 / ES384 / ES512 (ECDSA P-256/P-384/P-521). Provide Header / Payload as JSON (with optional auto-fill for `exp` / `iat` / `nbf`), and a key — a string for HMAC, or a PKCS#8 PEM / JWK for asymmetric. Output is the standard `header.payload.signature` JWT which can be pasted straight into jwt-decode / jwt-verify. Secrets and payloads stay in your browser.

JWT decode — inspect header & payload

Paste a JWT and break it down into Header / Payload / Signature. Numeric claims like exp / iat / nbf are translated into human-readable timestamps. No signature verification — purely for inspection. Runs entirely in your browser.

Hash generator — SHA-1 / 256 / 384 / 512

Generate SHA-1, SHA-256, SHA-384, and SHA-512 digests from text in parallel. Powered by the Web Crypto API and runs entirely in your browser.

HTML sanitizer — strip XSS vectors with DOMPurify

Strip XSS vectors (script tags, on* handlers, javascript:/data: URLs, iframes, etc.) from untrusted HTML using DOMPurify. Three profiles — Strict / Standard / Permissive — control which tags and attributes survive. Useful before passing user-generated HTML to a CMS / forum, locking down Markdown→HTML output, or cleaning legacy HTML during a blog migration. Runs entirely in your browser — HTML never leaves your device.
