Logo

MonoCalc

/

JWS Tool

Encode/Decode

Operation Mode

Symmetric secret (≥32 bytes recommended)

Inputs

Output

Fill in the payload and key, then click Sign

About This Tool

🔐 JSON Web Signature (JWS) – Sign, Verify & Decode

A JSON Web Signature (JWS) is a compact, URL-safe representation of digitally-signed or MAC-protected content defined by RFC 7515. JWS is the cryptographic backbone behind the widely-used JSON Web Token (JWT) standard and is used wherever APIs need to ensure the integrity and authenticity of transmitted data — from authentication tokens to webhook payloads and API request signing.

🏗️ How a JWS Token Is Structured

A compact-serialized JWS token consists of three Base64URL-encoded sections separated by dots: HEADER.PAYLOAD.SIGNATURE.

PartColorContentExample
Header

Red

Algorithm (alg) + optional type (typ), key ID (kid){ "alg": "HS256", "typ": "JWT" }
Payload

Purple

Any JSON object — standard JWT claims or custom data{ "sub": "1234", "exp": 1700003600 }
Signature

Green

Cryptographic signature over BASE64URL(header).BASE64URL(payload)SflKxwRJSMeK…
Security note
The payload is only encoded, not encrypted. Anyone can decode and read the payload of a JWS token. Never store sensitive secrets (passwords, SSNs, PII) directly in the payload — use JWE (JSON Web Encryption) if confidentiality is required.

🔑 Supported Algorithms

JWS supports three families of cryptographic algorithms. Your choice depends on whether you need a shared secret (symmetric) or a public/private key pair (asymmetric):

FamilyAlgorithmsKey TypeBest For
HMACHS256, HS384, HS512Symmetric secretServer-to-server where both parties share a secret
RSARS256, RS384, RS512, PS256, PS384, PS512RSA key pairPublic key distribution (OAuth 2.0, OpenID Connect)
ECDSAES256, ES384, ES512EC key pairSmaller key sizes with equivalent security to RSA

⚙️ The Three Operation Modes

🔏 Sign Mode

Enter a JSON payload (such as standard JWT claims like sub, iat,exp), select your algorithm, and provide a secret or private key. The tool generates a compact JWS token with a color-coded breakdown of all three parts.

✅ Verify Mode

Paste an existing JWS token and provide the matching secret (for HMAC) or public key (for RSA/EC). The tool cryptographically verifies the signature and clearly shows whether it is valid or invalid — along with the decoded header and payload for inspection.

🔍 Decode Mode

Instantly decode and pretty-print the header and payload of any compact JWS token — no key required. This is invaluable for debugging, inspecting expiry times, checking the algorithm used, or understanding the contents of a token from an API response.

📋 Common JWT Claims Reference

ClaimFull NameDescription
issIssuerEntity that issued the token (e.g., "auth.myapp.com")
subSubjectEntity the token represents (e.g., a user ID)
audAudienceIntended recipient(s) of the token
expExpiration TimeUnix timestamp after which the token is invalid
nbfNot BeforeUnix timestamp before which the token is not yet valid
iatIssued AtUnix timestamp when the token was issued
jtiJWT IDUnique identifier for the token, used to prevent replay attacks

🛡️ Security Best Practices

  • Never use the none algorithm — a token with no signature provides zero authenticity guarantees and is a known attack vector.
  • Always validate exp — reject tokens whose expiry timestamp is in the past, even if the signature is valid.
  • Prefer asymmetric algorithms (RS256, ES256) for public-facing APIs where multiple services need to verify tokens but only one service should sign them.
  • Use HMAC (HS256) only when all parties that verify tokens are also trusted to sign them — since the same key can both sign and verify.
  • Keep secrets and private keys out of client-side code — tokens should be generated and signed on a secure server, never in the browser in production.

💻 Implementation Examples

// Node.js / Browser — using the 'jose' library
import { SignJWT, jwtVerify, decodeJwt } from 'jose';

// Sign a JWT (JWS with JSON payload)
const secret = new TextEncoder().encode('your-256-bit-secret');
const token = await new SignJWT({ sub: '1234', name: 'Alice' })
  .setProtectedHeader({ alg: 'HS256' })
  .setIssuedAt()
  .setExpirationTime('1h')
  .sign(secret);

// Verify a JWT
const { payload } = await jwtVerify(token, secret);
console.log(payload); // { sub: '1234', name: 'Alice', iat: ..., exp: ... }

// Decode without verification (for inspection only)
const claims = decodeJwt(token);
console.log(claims);

All cryptographic operations in this tool run entirely in your browser using the jose library backed by the browser's native WebCrypto API — no data is ever sent to a server. Use the Generate Test Key button to quickly create algorithm-appropriate keys for experimentation.

Frequently Asked Questions

Is the JWS Tool free?

Yes, JWS Tool is totally free :)

Can I use the JWS Tool offline?

Yes, you can install the webapp as PWA.

Is it safe to use JWS Tool?

Yes, any data related to JWS Tool only stored in your browser (if storage required). You can simply clear browser cache to clear all the stored data. We do not store any data on server.

What is a JSON Web Signature (JWS) and how does this tool work?

A JSON Web Signature (JWS) is a compact, URL-safe representation of content secured with a digital signature or MAC, defined by RFC 7515. This tool lets you sign a JSON payload with a chosen algorithm and key, verify an existing JWS token's signature, or decode and inspect the header and payload without verifying — all running locally in your browser using the WebCrypto API.

What algorithms does this JWS tool support?

It supports HMAC algorithms (HS256, HS384, HS512) which use a symmetric shared secret, RSA algorithms (RS256, RS384, RS512 and PS256, PS384, PS512) which use a public/private key pair, and Elliptic Curve algorithms (ES256, ES384, ES512) plus EdDSA (Ed25519). HS256 is the most common choice for APIs due to its simplicity.

What is the difference between JWS and JWT?

A JSON Web Token (JWT) is a specific application of JWS where the payload is a JSON object containing standard claims (sub, iss, exp, iat, etc.). JWS is the broader standard (RFC 7515) describing how any content can be signed. In practice, most JWTs you encounter are compact-serialized JWS tokens with a JSON payload.

Is my secret key or private key safe when using this tool?

Yes. All cryptographic operations run entirely in your browser using the `jose` library and the browser's built-in WebCrypto API — no data is ever sent to any server. Your keys remain on your device. As a general best practice, avoid pasting production secrets into online tools; use this tool for development, testing, and learning.

What key format should I use for RSA or ECDSA signing?

For RSA and EC algorithms, paste the key in PEM format. Private keys should be in PKCS#8 format (-----BEGIN PRIVATE KEY-----) for signing, and public keys in SPKI format (-----BEGIN PUBLIC KEY-----) for verification. You can generate a test keypair using the 'Generate Test Key' button in Sign mode.

What does the Decode mode do exactly?

Decode mode base64url-decodes the header and payload parts of any compact JWS token and displays them as formatted JSON — without verifying the cryptographic signature. This is useful for quickly inspecting a token's claims, checking the algorithm used, or debugging expired tokens without needing the signing key.