Base64
EncodingEncode or decode text with UTF-8 safe Base64.
What this tool helps with
Base64 represents binary or text data as 64 printable ASCII characters, which is why it shows up in data URIs, email attachments, JWT segments, and HTTP basic-auth headers. This encoder/decoder is UTF-8 safe, so emoji and non-Latin scripts round-trip correctly instead of mangling the way a raw btoa() call would. Encoding and decoding happen entirely in your browser — nothing is uploaded — so it is safe to paste tokens or credentials while debugging.
How to use Base64
- Open the Base64 page and paste, type, or generate the base64 input you want to work with.
- Pick the options you need so the tool can encode or decode text with UTF-8 safe Base64
- Copy the encode result with one click and use it in your next step — terminal, editor, ticket, or anywhere else you need it.
Common uses
- Inspect the payload of a data: URI or an inlined image/font.
- Hand-decode the segments of a JWT to check claims without a library.
- Build or read an HTTP Basic auth header (base64 of user:pass).
FAQ
Why does btoa() throw on my string but this works?
btoa() only accepts characters in the Latin-1 range, so any emoji or non-Latin character throws an InvalidCharacterError. This tool encodes the string as UTF-8 bytes first, then Base64s those bytes, which is the correct way to handle Unicode.
Is Base64 encryption?
No. Base64 is reversible by anyone with no key. It is an encoding for safe transport, not a way to hide data. Use the AES-GCM encryption tool if you need confidentiality.
What is URL-safe Base64?
A variant that replaces + and / with - and _ and usually drops padding, so the result is safe inside URLs and JWT segments. Standard Base64 can break when placed in a query string.
Does my input get uploaded?
No. The encode/decode runs in your browser. You can disconnect from the network and it still works, which is why pasting a token here to inspect it is safe.