Back

Base64 Encoder/Decoder

Base64 is a binary-to-text encoding scheme that represents binary data using 64 ASCII characters. It's commonly used to embed binary data in text-based formats like JSON, XML, and URLs. This tool decodes Base64 to reveal the original content and automatically detects if the result is JSON, XML, or other parseable formats.

Specifications

Common Use Cases

  • Decode Base64-encoded API payloads and webhooks
  • Inspect encoded data in JWT tokens
  • Decode email attachments (MIME Base64)
  • Debug encoded error messages and stack traces
  • View encoded configuration values in environment variables

Features

  • Decode standard Base64 to UTF-8 text
  • Handle URL-safe Base64 variants (- and _ instead of + and /)
  • Auto-detect decoded content type (JSON, XML, etc.)
  • Chain to appropriate parser when structured data is detected
  • Encode text to Base64
  • Image preview for decoded binary image data
  • Hex viewer for non-UTF-8 binary data
  • Format detection badge (Standard / URL-Safe / Mixed)

Examples

Encoded JSON

Try it →

A Base64 string that decodes to a JSON object.

eyJuYW1lIjoiRGVjb2RlVGhpcyIsInZlcnNpb24iOiIxLjAuMCJ9

Simple Text

Try it →

A Base64-encoded greeting message (decodes to "Hello, World!").

SGVsbG8sIFdvcmxkIQ==

Tips

  • Base64 is encoding, not encryption. It provides no security.
  • The = padding at the end can be omitted in some implementations.
  • URL-safe Base64 replaces + with - and / with _ to avoid URL encoding issues.
  • Base64 increases data size by approximately 33%.

Understanding Base64 Encoder/Decoder

Base64 is a binary-to-text encoding scheme defined in RFC 4648 that represents arbitrary binary data using 64 printable ASCII characters (A-Z, a-z, 0-9, +, /) plus the padding character (=). Its primary purpose is to transport binary data through text-based systems that may not handle raw bytes correctly, such as email, JSON payloads, XML documents, and URL parameters.

The encoding process takes every three bytes (24 bits) of input and divides them into four 6-bit groups. Each 6-bit value maps to one of the 64 characters. When the input length is not a multiple of three bytes, padding with one or two = characters fills the output to a multiple of four characters. This means Base64-encoded data is approximately 33% larger than the original.

Two main variants exist. Standard Base64 uses + and / and is used in MIME email encoding. URL-safe Base64 (base64url) replaces + with - and / with _ to avoid URL-reserved characters. JWT tokens use the URL-safe variant without padding. Some implementations omit trailing = padding since the original data length can be inferred.

Base64 appears everywhere in web development. Data URIs embed images and fonts in HTML/CSS. JWT tokens are three Base64url-encoded segments. SAML messages are Base64-encoded XML. API responses may encode binary content as Base64 within JSON. Importantly, Base64 is encoding, not encryption — it provides zero security or confidentiality.

Base64 is not a form of encryption and should never be treated as one. It transforms data into a different representation without any key or secret, and anyone can decode a Base64 string instantly. If sensitive data is encoded in Base64, it is completely exposed. For data that needs to remain secret, use actual encryption algorithms like AES or RSA. Standard Base64 uses + and / as characters 62 and 63, while URL-safe Base64 (base64url, defined in RFC 4648 Section 5) replaces them with - and _ because + and / have special meaning in URLs. JWT tokens always use the URL-safe variant without padding.

The = padding characters ensure the encoded output length is always a multiple of 4 characters. Since Base64 encodes 3 bytes into 4 characters, inputs whose length is not a multiple of 3 need padding: 1 remainder byte produces ==, and 2 remainder bytes produce =. Some implementations, including JWT, omit padding entirely since the decoder can calculate the original length from the encoded string length.

The 33% size increase is inherent to the encoding: every 3 bytes (24 bits) become 4 ASCII characters (32 bits), a fixed 4/3 expansion ratio that cannot be reduced. If size is a concern, compress the data before encoding. For large binary assets, consider proper binary transfer mechanisms like multipart uploads or binary WebSocket frames rather than embedding Base64 in text formats.

← Back to all tools