Frequently Asked Questions
Everything you need to know about using JWTLab safely and effectively. Got a question? We've got answers! 🚀
Security & Privacy
Your security is our top priority
Do you store my tokens or keys?
No, never! All operations happen locally in your browser. Your data never leaves your device. We can't see what you're working on.
Is it safe to use with real tokens?
Use with caution! JWTLab is designed for development/testing. Avoid pasting production secrets into any online tool you don't fully control.
Features & Capabilities
What JWTLab can do for you
Which algorithms are supported?
HMAC: HS256, HS384, HS512
RSA: RS256, RS384, RS512
ECDSA: ES256, ES384, ES512
Can I generate key pairs here?
Absolutely! Generate RSA, EC, and EdDSA keys directly in your browser. Private keys are never uploaded and you can export in PEM or JWK format.
General Questions
Everything else you might wonder about
Does the Share button send my token?
No worries! Currently it only shares the site link. Future versions might support sharing non-sensitive configs using hash fragments—never secrets.
Do you support JWE (encrypted JWTs)?
Coming soon! JWE support is on our roadmap alongside JWKS tests, kid thumbprints, and code snippet generators for popular languages.