ZeroServer.tools

JWT Secret Generator

Generate a cryptographically secure random secret for signing JSON Web Tokens via HMAC-SHA256/384/512.

Security note

Never hardcode this secret in source code. Store it in an environment variable (e.g. JWT_SECRET) and load it at runtime. Rotate secrets immediately if they are ever exposed. Generated locally — never transmitted.

How to choose a JWT signing secret

JSON Web Tokens signed with HMAC (HS256/HS384/HS512) require a shared secret. The security of your tokens depends entirely on the strength of this secret. NIST recommends at least 256 bits of entropy for HMAC-SHA256 keys. This tool generates secrets with crypto.getRandomValues, which draws from your operating system's hardware entropy pool — far stronger than Math.random(). Always use a unique secret per environment (development, staging, production) and never share secrets across services.
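The guidance above as an added example (not this site's own code): it generates a secret sized to the HMAC variant with crypto.getRandomValues, then validates the value loaded from JWT_SECRET at startup. The function names, the base64url encoding and the per-algorithm minimums (hash output size, as RFC 7518 section 3.2 requires) are assumptions of this sketch.

```javascript
// Added example: generateJwtSecret and loadJwtSecret are hypothetical names.
// Minimum key size per algorithm = hash output size (RFC 7518 section 3.2).
const MIN_KEY_BYTES = { HS256: 32, HS384: 48, HS512: 64 };

// Browsers and current Node expose Web Crypto globally; older Node needs the fallback.
const webCrypto = globalThis.crypto ??
  (typeof require === 'function' ? require('node:crypto').webcrypto : undefined);

function toBase64Url(bytes) {
  return btoa(String.fromCharCode(...bytes))
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

function fromBase64Url(text) {
  if (!/^[A-Za-z0-9_-]+$/.test(text)) throw new Error('secret is not base64url');
  const b64 = text.replace(/-/g, '+').replace(/_/g, '/');
  const bin = atob(b64 + '='.repeat((4 - (b64.length % 4)) % 4));
  return Uint8Array.from(bin, (ch) => ch.charCodeAt(0));
}

// Generate a secret with exactly the minimum number of random bytes for alg.
function generateJwtSecret(alg = 'HS256') {
  const size = MIN_KEY_BYTES[alg];
  if (!size) throw new Error(`unsupported algorithm: ${alg}`);
  const bytes = new Uint8Array(size);
  webCrypto.getRandomValues(bytes);
  return toBase64Url(bytes);
}

// Load the secret at runtime (pass process.env) and refuse to start on a
// missing, malformed or undersized value instead of signing with a weak key.
function loadJwtSecret(env, alg = 'HS256') {
  const size = MIN_KEY_BYTES[alg];
  if (!size) throw new Error(`unsupported algorithm: ${alg}`);
  const raw = env.JWT_SECRET;
  if (!raw) throw new Error('JWT_SECRET is not set');
  const key = fromBase64Url(raw.trim());
  if (key.length < size) {
    throw new Error(`JWT_SECRET is ${key.length} bytes; ${alg} needs at least ${size}`);
  }
  return key;
}
```

Calling loadJwtSecret(process.env, 'HS256') once at startup makes a placeholder or truncated secret fail the deployment rather than reach production.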

Private & free — this tool runs entirely in your browser.
