Base64 is one of those encoding schemes every developer encounters but rarely stops to fully understand. It shows up in JWT tokens, data URIs, email attachments, and API payloads.
What Is Base64?
Base64 is a binary-to-text encoding scheme that represents binary data using 64 printable ASCII characters (A–Z, a–z, 0–9, +, /). Every 3 bytes of binary data becomes 4 Base64 characters, so Base64-encoded data is about 33% larger than the original.
Why Is Base64 Used?
Base64 solves a specific problem: some systems (email protocols, URLs, JSON strings) can't handle raw binary data or all byte values. Base64 encodes binary as safe text that can pass through any text-based system unchanged.
- Images in CSS/HTML:
data:image/png;base64,iVBOR... - JWT tokens: Header and payload are Base64URL encoded
- HTTP Basic Auth:
Authorization: Basic dXNlcjpwYXNz - Email attachments: MIME encodes binary files as Base64
Base64 vs Base64URL
Standard Base64 uses + and / which are special characters in URLs. Base64URL replaces them with - and _ — safe for URLs and filenames. JWTs use Base64URL.
How to Encode / Decode Online
Use the Base64 Encoder/Decoder to:
- Encode any text or file to Base64
- Decode a Base64 string back to text or download as a file
- Convert images to Base64 data URIs (for CSS embedding)
- Switch between standard Base64 and Base64URL
Common Mistakes
- Confusing encoding with encryption: Base64 is not secure. Anyone can decode it. Use it for encoding, not hiding data.
- Double encoding: Encoding an already-Base64 string produces garbage output when decoded.
- Padding issues: Base64 strings should be padded to a multiple of 4 characters with
=. Missing padding causes decode errors in strict parsers.