All tools

JWT Builder (unsigned preview)

JWT

Build a JWT header and payload preview with standard claims — unsigned, pair with JWT Signer to sign it

Fill in standard JWT claims (`sub`, `iss`, `aud`, `exp`) plus any custom claims, and see exactly the header and payload JSON that would go into a token, along with a base64url-encoded unsigned preview ending in a `<signature>` placeholder. This tool never signs anything: it's meant for drafting and reviewing a payload shape before you sign it for real, either with the JWT Signer tool here or your own backend's JWT library. Everything runs client-side, so nothing you type is sent anywhere.

jwttokenclaimspayloadunsigned

How to use JWT Builder (unsigned preview)

  • 1.Fill in sub, iss, aud, and an expiry time to see the resulting JWT payload as JSON.
  • 2.Add custom claims as a JSON object to include application-specific fields like role or teamId.
  • 3.Copy the header and payload JSON into the JWT Signer tool (or your own backend) once you're happy with the shape, to get an actual signed token.

Frequently asked questions

Does this produce a signed JWT?
No — this only builds and previews the header and payload as unsigned JSON, with a `<signature>` placeholder in the encoded preview. Use the JWT Signer tool to actually sign a token.
Is anything sent to a server?
No, the header, payload, and preview are all built entirely in your browser.
What claims does it set by default?
iss, sub, aud, iat (now), and exp (1 hour from now) are filled in with placeholder defaults, which you can override, plus any custom claims you add.
Why does the encoded preview end in <signature>?
Because there is no signature — the preview shows exactly what the header.payload portion of a real JWT would look like once base64url-encoded, with a literal placeholder standing in for where a signature would go.

Use via API, SDK, or MCP

cURL# Free: 1,000 req/day · Pro: 10,000 req/day
curl -X POST https://api.utilix.tech/v1/tools/jwt-builder \
  -H "Authorization: Bearer utx_live_..." \
  -H "Content-Type: application/json" \
  -d '{"sub": "user123", "iss": "my-app", "aud": "my-api"}'

This builds an unsigned header + payload preview only — pair with jwt-sign to get an actual signed token.

Get an API key from your dashboard · Full API docs →