What is the Symmetric Crypto Token Generator?
A fully local implementation that encodes distinct JSON payloads into strict Base64Url layouts and securely applies an HS256 (HMAC with SHA-256) signature.
How it Works under the hood
When simulating authentication tokens for API testing, developers often use online generators which maliciously intercept the `Secret Key`. This tool operates 100% offline via the navigator's `window.crypto.subtle` API. It imports the specified symmetric secret into a cryptographic buffer, hashes the encoded Header and Payload simultaneously, and binds the Base64 signature suffix dynamically on every keystroke.
SysAdmin & Security Use Cases
- »Forge privileged tokens (`admin: true`) to assess Role-Based Access Control (RBAC) vulnerabilities in custom backends.
- »Simulate exact JWT expiration (`exp` claim) behaviors during local SSO (Single Sign-On) integration tests.
- »Generate custom tokens securely without exposing production private keys to external online utilities.