Free Online Developer Tools
JWT decoder, Base64, URL encoder, timestamp converter, secret generator, and code minifiers — all running in your browser with zero setup.
Featured Developer Tools
About Developer Tools
Every developer needs a toolkit of quick-access utilities: decode a JWT token, encode a URL parameter, convert a Unix timestamp, generate a secure API key. These are daily tasks that shouldn't require installing software or remembering complex command-line syntax.
**JWT Decoder**
Decode any JWT token instantly to see the header algorithm, payload claims, and expiry. Useful for debugging authentication issues in API development and verifying token contents without needing the secret key.
**Base64 Encoder / Decoder**
Encode and decode Base64 strings and files. Supports standard Base64 and URL-safe Base64. Useful for handling binary data in APIs, embedded assets, and JWT payloads.
**URL Encoder / Decoder**
Encode and decode URL components and query parameters. Essential for building API requests, debugging redirects, and handling special characters in URLs.
**Timestamp Converter**
Convert Unix timestamps to human-readable dates and vice versa. Shows local time, UTC, relative time ("3 hours ago"), and multiple format options. Invaluable for debugging logs and API responses.
**Secret Generator**
Generate cryptographically random passwords, API keys, JWT secrets, and tokens with configurable length and character sets. Browser-generated randomness that never leaves your device.
**Code Minifiers**
CSS, HTML, and JavaScript minifiers remove whitespace and comments to reduce file size for production deployments.
How-To Guides
- 1Copy your JWT token (it looks like three base64 strings separated by dots).
- 2Open the JWT Decoder and paste the token.
- 3View the decoded header (algorithm, type) and payload (claims, expiry).
- 4Check the expiry time — the exp claim is a Unix timestamp showing when the token expires.
- 1Open the Base64 Encoder / Decoder.
- 2To encode: paste your text or upload a file and click Encode.
- 3To decode: paste the Base64 string and click Decode.
- 4Use "URL-safe Base64" mode for values used in URLs (replaces + and / with - and _).
- 1Open the Secret Generator.
- 2Set the length (32 characters is standard for API keys, 64 for JWT secrets).
- 3Choose the character set: alphanumeric for API keys, hex for cryptographic keys.
- 4Click Generate and copy the key. Generate a new one if you want a different value.
All Developer Tools (10)
Frequently Asked Questions
Is the JWT Decoder secure to use?
Yes. JWT decoding is done entirely in your browser. The token is never sent to any server. You can decode tokens containing sensitive claims safely.
Can I verify a JWT signature?
The JWT Decoder shows the decoded header and payload. Signature verification requires the secret key and is not currently supported (by design, for security reasons).
What is the difference between URL encoding and Base64?
URL encoding (percent-encoding) converts special characters for use in URLs. Base64 converts binary data into ASCII text. They solve different problems — use URL encoding for query parameters, Base64 for binary data.
Are the generated secrets truly random?
Yes. The Secret Generator uses the browser's built-in cryptographic random number generator (crypto.getRandomValues()), which is suitable for security-sensitive applications.
Can I minify a whole website's CSS?
The CSS Minifier processes one file at a time. For build pipelines, consider integrating PostCSS or esbuild. The minifier is ideal for quick one-off optimisations.