Base64 Encoder / Decoder
Base64 Encoder & Decoder — encode text or files to Base64, decode back to text. URL-safe variant, file upload, instant copy. Free, no signup.
About Base64 Encoder / Decoder
Base64 Encoder / Decoder converts between binary and text using the Base64 alphabet — the standard way to safely transmit binary data through systems that only handle text. Type or paste text to encode, paste Base64 to decode, or upload a file to encode its raw bytes. Everything runs in your browser using native browser APIs.
This is the same encoding used by data URIs, JWT tokens, email attachments, basic HTTP auth headers, and countless API payloads. If you’ve ever seen a long string of letters, numbers, and +, /, = characters, that’s Base64.
Standard vs URL-safe
Standard Base64 produces output using the characters A-Z, a-z, 0-9, +, /, and = (for padding). Three of those characters cause problems when embedded in URLs:
+becomes a space when URL-decoded/confuses path parsers=is a reserved query character
The URL-safe variant (defined in RFC 4648 §5) replaces + with -, / with _, and drops trailing = padding. The result has the same length and decodes back to the same bytes — it’s just safe to drop into a query string, file path, or token.
When to use which:
- Standard: emails, JSON, XML, HTML/CSS data URIs, anywhere URLs aren’t involved
- URL-safe: JWT tokens, OAuth state, query string parameters, file names
Encoding files vs text
Encoding text is direct: take the characters, encode UTF-8 bytes, output Base64. Encoding a file means reading the file’s raw bytes (not its visible representation) and converting those. The tool handles both — paste text directly into the input, or click Upload file to encode any binary file.
The result of encoding a file is a long Base64 string that, when decoded, gives you back the exact same bytes. This is the mechanism behind data: URIs: an image embedded in CSS or HTML as data:image/png;base64,iVBOR… is just the PNG file’s bytes encoded in Base64.
Common gotchas
- UTF-8 vs Latin-1: The browser’s built-in
btoaonly handles Latin-1 bytes, which breaks on emojis or non-ASCII text. This tool wrapsbtoawith proper UTF-8 conversion, so all characters round-trip correctly. - Padding: Base64 output always has a length that’s a multiple of 4, padded with
=. URL-safe Base64 omits the padding. If you’re hand-rolling a decoder, make sure to re-add padding before decoding URL-safe input. - Whitespace: The decoder strips internal whitespace, so line-wrapped Base64 (common in PEM keys, email attachments) still decodes correctly.
Free, runs in your browser, no signup.
Frequently asked questions
Base64 is a binary-to-text encoding that represents binary data using only 64 printable ASCII characters. It exists because some systems (email, URLs, JSON, XML) can't safely transmit raw binary bytes. Common uses: embedding small images in CSS or HTML (data URIs), encoding API tokens, attaching files in email, storing binary data in JSON or YAML.
Standard Base64 uses three special characters that can break inside URLs: `+`, `/`, and `=`. The URL-safe variant (RFC 4648 §5) replaces them with `-`, `_`, and removes trailing `=` padding. Use URL-safe when embedding Base64 in URLs, query strings, JWT tokens, or file paths.
Yes. Click 'Upload file' in Encode mode to upload any file — the tool converts its raw bytes to Base64. Common use: encoding an image so you can embed it directly in HTML/CSS as a `data:` URI, or attaching binary data to a JSON API request.
No. Everything runs in your browser using the native `btoa` / `atob` functions and `TextEncoder`. Your text and files never leave your device. This matters when encoding credentials, internal tokens, or sensitive data.