Base64url encoding converts UTF-8 text to URL-safe Base64 without +, /, or padding—the alphabet used in JWT segments, OAuth state parameters, and many API tokens that must travel in URLs without extra escaping.
How it works
The input string is encoded to bytes with UTF-8, then each group of three bytes becomes four characters from the URL-safe alphabet. Standard + and / are replaced by - and _, and trailing = padding is omitted when the byte length is not a multiple of three. The result is safe to embed in paths, query values, and cookie payloads.
When to use it
- Encode binary-safe text for URL paths and query parameters
- Debug JWT header and payload segments manually before signing
- Pair with the Base64url decoder for round-trip validation in agent pipelines
- Produce tokens for local OAuth or webhook testing without a CLI
Example
The text hello encodes to a short alphanumeric string using only A–Z, a–z, 0–9, -, and _. Re-decoding with the companion tool returns the original word.
Limitations
Encoding is not encryption—anyone can decode the output. Empty input is rejected. This tool does not split, sign, or validate JWT structure; use the jwt tools for HS256 signing and verification.