Base64Fix.ai — Encoding Tools
URL-Safe Base64 Decoder & Encoder
Auto-detects and handles URL-safe Base64 (the variant used by JWTs, most web APIs, and OAuth). No manual conversion needed.
🔗 Decode URL-Safe Base64Standard vs URL-Safe Base64
Standard Base64 (RFC 4648 §4) uses the characters + and / in its alphabet. These are special characters in URLs — + means space, and / separates path segments. URL-safe Base64 (RFC 4648 §5) replaces them.
| Property | Standard Base64 | URL-Safe Base64 |
|---|---|---|
| Char 62 | + | - |
| Char 63 | / | _ |
| Padding | == or = | Often omitted |
| RFC | RFC 4648 §4 | RFC 4648 §5 |
| Used in | MIME, email | JWTs, OAuth, URLs |
Where URL-Safe Base64 Appears
JWT tokens
All three parts of a JWT are URL-safe Base64 encoded (no padding).
OAuth 2.0
State parameters and PKCE code challenges use URL-safe Base64.
Google APIs
Many Google API tokens and identifiers use URL-safe encoding.
AWS signatures
Some AWS signing components use URL-safe Base64.
Converting Between Variants
// Standard → URL-safe const urlSafe = standard .replace(/\+/g, "-") .replace(/\//g, "_") .replace(/=/g, ""); // strip padding // URL-safe → Standard (for atob()) const standard = urlSafe .replace(/-/g, "+") .replace(/_/g, "/") + "==".slice(0, (4 - urlSafe.length % 4) % 4);
Base64Fix.ai handles this conversion automatically — just paste and decode.
Decode URL-Safe Base64 — Free
Auto-detects the variant. No manual conversion needed.
Open Base64Fix.ai →