Related Developer Tools
Explore more free developer tools to speed up debugging, testing, and development.
The most complete Base64 tool — text, files, multi-level, URL-safe and MIME — all processed privately in your browser.
From API headers to JWT tokens to file embedding — Base64 is everywhere in modern development. Here's how it works, when to use it, and how this tool covers every scenario.
Output updates instantly as you type — no button click required.
Nothing is uploaded. All encoding runs in your browser sandbox.
Standard, URL-Safe (JWT-ready), and MIME (RFC 2045) in one tool.
Encode images, PDFs, and binary files directly — no CLI required.
Base64 is a binary-to-text encoding scheme that converts arbitrary binary data into a sequence of 64 printable ASCII characters. It was designed to safely transport binary content — like images, certificates, or files — through channels that only support text, such as email (SMTP), HTTP headers, and JSON payloads.
The algorithm processes input in 3-byte chunks and maps each group to 4 Base64 characters. If the input length isn't divisible by 3, = padding characters are appended. This results in output that is approximately 33% larger than the original binary data.
Base64 uses exactly 64 characters to represent 6-bit binary values (2⁶ = 64). The standard alphabet is:
A–Z → indices 0–25 (uppercase) a–z → indices 26–51 (lowercase) 0–9 → indices 52–61 (digits) + → index 62 (standard) / → index 63 (standard) = → padding only (not a value) URL-Safe variant: + → - (safe in URLs) / → _ (safe in URLs)
Select any example below, copy the input or output, and paste it into the encoder above to verify.
Hello, World!
SGVsbG8sIFdvcmxkIQ==
💡 Standard Base64 encoding. Note the == padding at the end.
Choosing the wrong Base64 variant is a common source of bugs. Here's when to use each one.
| Variant | Special Chars | Best For | RFC |
|---|---|---|---|
| Standard | + / = | General data encoding, email attachments, JSON payloads | RFC 4648 §4 |
| URL-Safe | - _ = | JWT tokens, OAuth params, query strings, cookie values, filenames | RFC 4648 §5 |
| MIME | + / = + line breaks | Email body/attachments, S/MIME, PEM certificates | RFC 2045 |
Type or paste any text in the input panel. The Base64 output updates live. Switch variants (Standard / URL-Safe / MIME) from the toolbar.
Paste a Base64 string — the tool auto-detects if you are encoding or decoding based on the content. The decoded plain text appears instantly in the output.
Click the File tab to drag & drop or select any binary file (image, PDF, audio). The encoder reads it as binary and produces a complete Base64 data string.
Use the Level selector to encode 2× or 3× in sequence — useful for QA testing decoders, verifying multi-pass pipelines, or security research.
A very common misconception is that Base64-encoding data makes it secure or secret. It does not. Base64 is a reversible encoding scheme — any person or system with the encoded string can decode it back to the original plaintext instantly, without any password or key.
If you need to protect sensitive data, use proper cryptographic mechanisms:
AES-256-GCM for encrypting data at rest or in transit with a shared secret key.
RSA or ECDSA for public/private key scenarios like TLS, signing, and key exchange.
SHA-256, bcrypt, or Argon2 for storing passwords and verifying data integrity.
💡 Base64 is safe for encoding API keys in Authorization headers only because HTTPS encrypts the transport layer — not because Base64 itself provides security.
Data URIs let you embed binary files directly in HTML and CSS without external requests. The format is data:[type];base64,[encoded]. This is common for small icons, inline fonts, and email images.
<!-- PNG image embedded as a data URI -->
<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAUA
AAAFCAYAAACNbyblAAAAHElEQVQI12P4
BCATAAAABQABIwIRAU..." alt="icon" />
<!-- CSS background image as data URI -->
<style>
.logo {
background-image: url('data:image/svg+xml;base64,
PHN2ZyB4bWxucz0iaHR0cDovL3d3dy53My5vcmcvMjAw...');
}
</style>Use the File tab in the encoder above to convert any image to a Base64 string, then wrap it in the data:[type];base64, prefix to create a data URI.
JSON Web Tokens (JWT) are composed of three Base64URL-encoded sections separated by dots: header.payload.signature. The header and payload are just Base64URL-encoded JSON — you can decode them instantly with this tool.
// Example JWT (abbreviated)
eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJ1c2VyXzEyMyIsInJvbGUiOiJhZG1pbiJ9.sig
// Step 1: Split by "."
Header: eyJhbGciOiJSUzI1NiJ9
Payload: eyJzdWIiOiJ1c2VyXzEyMyIsInJvbGUiOiJhZG1pbiJ9
Signature: sig (binary — cannot be decoded to readable text)
// Step 2: Switch to URL-Safe variant in the tool
// Step 3: Paste the Header segment → decoded JSON:
{ "alg": "RS256" }
// Step 4: Paste the Payload segment → decoded JSON:
{ "sub": "user_123", "role": "admin" }⚠️ Never verify JWT authenticity by just decoding the payload — always validate the signature server-side using the correct public key.
Everything a developer needs to work with Base64 — in one free, browser-based tool.
Output refreshes with every keystroke. No submit button. No waiting.
Automatically identifies if your input is raw text or a Base64 string and switches mode accordingly.
Encode images, PDFs, audio, and any binary file to Base64 using the File tab — handles large files without blocking the UI.
Export the encoded or decoded result as a file to your local file system with one click.
Encode up to 3× in sequence. Useful for QA, security testing, and verifying multi-pass decode pipelines.
Switch to URL-Safe variant for JWT, OAuth, and query string use — no percent-encoding needed.
Common questions about Base64 encoding, decoding, and when to use each variant.
Explore more free developer tools to speed up debugging, testing, and development.