Loading...
Encode text to Base64 or decode Base64 back to text. Auto-converts as you type. Your data never leaves your browser.
Text Input
Base64 Output
Pro tip
Base64-encoded secrets in configs? Git AutoReview detects hardcoded credentials and Base64-encoded API keys in your PRs.
Type or paste text into the input box and the tool encodes or decodes it automatically — no button needed. Switch between Encode and Decode mode using the toggle button or press Ctrl+Enter.
To encode a file (image, PDF, etc.), click Upload or drag and drop. The tool outputs a data URI you can embed directly in HTML or CSS. This is handy for inlining small icons or embedding images in emails.
Embedding images in HTML and CSS is the most common use case. Instead of a separate HTTP request for a small icon, you can inline it as a Base64 data URI. This reduces requests but increases HTML size by about 33%.
API authentication often involves Base64. HTTP Basic Auth encodes username:password as Base64. JWT tokens contain Base64url-encoded header and payload sections. OAuth tokens frequently arrive as Base64 strings.
Email attachments use Base64 encoding (MIME) to send binary files through text-only email protocols. Every attachment you have ever sent was Base64 encoded behind the scenes.
Configuration files sometimes store binary data as Base64. Kubernetes secrets, for example, are Base64-encoded by default (though this provides zero security — it is just encoding).
People confuse these constantly but they solve completely different problems. Base64 turns binary data into printable text. URL encoding makes text safe for URLs by swapping special characters to %XX sequences. In practice you often need both — Base64-encode a file, then URL-encode the result to stuff it into a query parameter.
Standard Base64 outputs + and / characters, which break URLs. URL-safe Base64 (Base64url) swaps those for - and _ and drops the = padding. JWT tokens use Base64url for exactly this reason — RFC 7519 requires it.
API keys, tokens, and credentials are frequently Base64-encoded. Decoding them on a server means sending sensitive data over the network. This tool processes everything in your browser — nothing leaves your machine.
The tool auto-computes as you type — no manual trigger needed. Press Ctrl+Enter to toggle between encode and decode mode. Press Ctrl+Shift+C to copy the output.
Turns binary data into printable text using 64 ASCII characters. That is how images get inlined in HTML, attachments travel through email, and binary survives inside JSON and URLs.
Yes. Encoding and decoding happens entirely in your browser using the built-in btoa() and atob() functions. Your data is never sent to any server.
No. Base64 is encoding, not encryption. Anyone can decode Base64 text back to the original. It provides no security. Never use Base64 to protect sensitive information.
Base64 increases data size by about 33%. Every 3 bytes of input become 4 characters of output. A 75KB image becomes roughly 100KB when Base64 encoded.
A-Z, a-z, 0-9, plus (+), and slash (/), with = for padding. URL-safe variant swaps + for - and / for _ because the originals break URLs.
Yes. Upload an image file using the Upload button and the tool converts it to a Base64 data URI that you can embed directly in HTML or CSS.
Paste the Base64 string and click Decode. If it is a data URI (starts with data:image/...), the tool shows the decoded image. For text content, it shows the decoded text directly.
Since everything runs in your browser, it handles text up to several megabytes. For very large files (50MB+), your browser may slow down.
The tool auto-computes as you type. Ctrl+Shift+C copies the output. Ctrl+Enter toggles between encode and decode mode.
Developer Toolkit by Git AutoReview
Free tools for developers. AI code review for teams.