Secret & API Key Generator
Cryptographically secure random strings for API keys, JWT secrets, and tokens. Generated in your browser — never sent anywhere.
Click generate to produce a secret. Nothing is sent anywhere.
Generating secrets one at a time and pasting them into Slack? localWiki keeps them in an encrypted secrets vault on your machine and injects them into your services with `lol run` — no more chasing the latest .env. Free for solo devs.
Download FreeHow it works
This generator uses the browser’s crypto.getRandomValues() Web Crypto API to produce cryptographically strong random bytes. The bytes are encoded into the format you pick — raw hex, standard base64, URL-safe base64, a custom alphanumeric alphabet, or a 64-character hex string sized for an HS256 JWT signing key.
For the alphanumeric format, the tool uses rejection sampling against a 256-value byte range so the resulting output is uniformly distributed across the enabled character set. No modulo bias.
Everything runs client-side. No network calls are made to generate or deliver the secret; it is produced in your browser and only written to your clipboard when you click copy. We deliberately do not offer a “save this secret” feature — that is what localWiki is for. Once a secret is generated, paste it into localWiki’s secrets vault and refer to it from your services via project-key injection with lol run.