Privacy Null

Redact JWT Tokens

Automatically detect and mask JSON Web Tokens before sending to AI. Restore them after getting the response.

Runs locally. Nothing uploaded.

// JWT in Authorization header
const headers = {
  'Authorization': 'Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c',
  'Content-Type': 'application/json'
};

// JWT in cookie
document.cookie = 'auth=eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyX2lkIjoiMTIzNDUiLCJleHAiOjE3MDQwNjcyMDB9.signature';

Features

Detects JWT tokens starting with "eyJ"

Works with Bearer tokens in headers

Handles JWTs in cookies and localStorage

Preserves token structure for AI understanding

Frequently Asked Questions

How does the tool detect JWT tokens?

JWTs have a distinctive format: three Base64-encoded segments separated by dots, always starting with "eyJ" (the Base64 encoding of {"alg"). Our regex pattern accurately identifies this structure.

Will AI understand the placeholders?

Yes! Placeholders like ⟦PTN:JWT:1:6F3A⟧ are designed to be human and AI-readable. They indicate the type of redacted data, making it easy for AI to provide relevant responses.

Can I restore multiple JWTs?

Absolutely. Each JWT gets a unique numbered placeholder (JWT:1, JWT:2, etc.) with a checksum for accurate restoration.