Generate cryptographically strong signing secrets for JSON Web Tokens. Powered by the Web Crypto API — nothing leaves your browser.
Built for developers who care about security and speed — no accounts, no tracking, no nonsense.
Uses crypto.getRandomValues() — the browser's CSPRNG — for true cryptographic randomness. Not Math.random().
Automatically enforces minimum key lengths per NIST guidelines: 256-bit for HS256, 384-bit for HS384, 512-bit for HS512.
Output in Base64url, Base64, Hexadecimal, or ASCII Printable — whichever your JWT library expects.
Instantly visualize the strength of your generated key with a colour-coded entropy score and bit-strength indicator.
Generate up to 50 unique secrets in one click — perfect for multi-tenant applications or rotating key pools.
One-click copy to clipboard, download as a .txt file, or instantly wipe output. Your workflow, your way.
All generation happens in your browser tab. No API calls, no server logs, no telemetry. Fully air-gap safe.
Fully responsive design adapts to any screen size. Generate keys on your phone or tablet just as easily.
ARIA-labeled controls, keyboard navigation, and screen reader support. Built to WCAG 2.1 AA standards.
From settings to secure key in three steps — takes less than five seconds.
Select the HMAC algorithm your application uses (HS256, HS384, or HS512). Pick an output encoding compatible with your JWT library. The tool enforces NIST-recommended minimum key sizes automatically.
The browser calls crypto.getRandomValues() to fill a typed array with cryptographically secure random bytes. No seeds, no patterns — pure entropy. The result is immediately encoded in your chosen format.
Copy the key to your clipboard, download it as a .txt file, or paste directly into your .env file, secrets manager, or CI/CD pipeline. Done!
JSON Web Tokens are the backbone of modern authentication. From REST APIs to GraphQL services, from mobile backends to serverless functions — JWTs are everywhere. And at the heart of every signed JWT sits a single artefact that determines whether your entire auth system holds or crumbles: the secret key.
This guide explains what a JWT secret is, why weak secrets are exploited in minutes, how to generate a cryptographically strong one, and how to manage it across your application lifecycle.
A JWT consists of three Base64url-encoded parts separated by dots: a header, a payload, and a signature. For HMAC-based JWTs (HS256, HS384, HS512), the signature is computed as:
The secret acts as the signing key. When your server receives a JWT, it re-computes the signature using the same secret. If the signatures match, the token is authentic and untampered. If they don't, the token is rejected. An attacker who knows your secret can forge any token they wish — including ones claiming admin privileges.
Widely publicised attacks have shown that many production APIs use secrets like secret, password, 1234567890, or even an empty string. These can be cracked offline in milliseconds using GPU-accelerated dictionary tools. Once forged, an attacker's token looks identical to a legitimate one — your server has no way to tell the difference.
role: "user" to role: "admin".

| Algorithm | HMAC Hash | Min Key Length | Recommended |
|---|---|---|---|
| HS256 | SHA-256 | 256 bits (32 B) | 256 – 512 bits |
| HS384 | SHA-384 | 384 bits (48 B) | 384 – 768 bits |
| HS512 | SHA-512 | 512 bits (64 B) | 512 – 1024 bits |
NIST SP 800-107 specifies that the key length should be at least equal to the output length of the underlying hash function. Using a 128-bit secret with HS256 technically "works" but violates the spec and dramatically reduces security.
Node.js (jsonwebtoken):
Python (PyJWT):
PHP (firebase/php-jwt):
.env files locally — never commit them to Git (.gitignore is mandatory).

HMAC secrets (HS256/384/512) use a single shared secret for both signing and verification. This is fast and simple, but means every service that verifies tokens must also have the secret — creating multiple attack surfaces. If you have many microservices verifying tokens, consider RS256 (RSA-based asymmetric signing): only the auth server has the private key, and all others use the public key to verify.
For monolithic apps or when the same service signs and verifies tokens, HS512 with a strong secret is an excellent, efficient choice.
crypto.getRandomValues() function — the same CSPRNG used by password managers and browsers. No data is sent to any server. No logs. No storage. You can disconnect from the internet and it will still work.

jsonwebtoken (Node.js), PyJWT (Python), firebase/php-jwt (PHP), golang-jwt/jwt (Go), io.jsonwebtoken (Java), and more. Just paste it as your signing key.

Generate your first cryptographically strong JWT secret in under three seconds — free forever, no sign-up required.