Base64 Encode Decode Online: How It Works and When to Use It

Need to base64 encode or decode online right now? Use our free Base64 Encoder/Decoder — paste any text or binary data, get the encoded or decoded result instantly in your browser. No data is sent to any server.

This guide explains what base64 encoding is, when you actually need it, how to use it in JavaScript and Python, and the most common pitfalls developers run into when working with base64.

What Is Base64 Encoding?

Base64 is an encoding scheme that converts binary data into a string of 64 printable ASCII characters: A–Z, a–z, 0–9, +, and / (with = as padding). It was designed to safely transport binary data through systems that only handle text — like email (MIME), HTTP headers, URLs, and JSON.

Base64 is an encoding, not encryption. It does not protect data — anyone can decode a base64 string trivially. Its purpose is to make binary data safely transmittable as text.

How the Encoding Works

Base64 takes every 3 bytes of input (24 bits) and splits them into four 6-bit groups. Each 6-bit group maps to one of 64 characters. This means base64-encoded data is about 33% larger than the original: every 3 bytes becomes 4 characters.

Input:  "Man" (3 bytes)
Binary: 01001101 01100001 01101110
Groups: 010011  010110  000101  101110
Base64: T       W       F       u

When Do You Actually Need Base64?

Embedding Images in HTML or CSS

You can embed small images directly in HTML or CSS using base64 Data URLs, eliminating an HTTP request:

<img src="data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA..." />

This is useful for icons, favicons, and small UI elements where the extra request latency is not worth it. For large images, base64 inflates file size and is not recommended.

HTTP Basic Authentication

The HTTP Authorization header for Basic Auth uses base64 to encode credentials:

Authorization: Basic dXNlcjpwYXNzd29yZA==

This is user:password encoded in base64. Note: this is not secure on its own — HTTPS is required. The encoding just makes the header safe to transmit as ASCII.

JWT Tokens

JSON Web Tokens consist of three base64url-encoded sections (header, payload, signature) joined by dots. When you decode the middle section (payload) of a JWT, you get the claims JSON. Our Base64 Decoder can decode JWT payloads — just paste the middle section between the dots.

Sending Binary Data in JSON APIs

JSON only supports text. When an API needs to transfer binary files (images, PDFs, certificates) as part of a JSON payload, base64 encoding is the standard approach:

{
  "filename": "invoice.pdf",
  "content": "JVBERi0xLjQKJeLjz9MKMSAwIG9iag..."
}

Storing Binary Data in Text Fields

Databases like Redis (when used as a string store) or certain NoSQL systems store binary blobs as base64-encoded strings. Cryptographic keys and certificates are commonly stored this way.

How to Base64 Encode and Decode in JavaScript

Using the Built-in btoa() and atob()

// Encode a string to base64
const encoded = btoa('Hello, World!');
console.log(encoded);
// "SGVsbG8sIFdvcmxkIQ=="

// Decode a base64 string
const decoded = atob('SGVsbG8sIFdvcmxkIQ==');
console.log(decoded);
// "Hello, World!"

Important limitation: btoa() only handles ASCII strings. For Unicode characters (emoji, accented letters, etc.), you need to encode via UTF-8 first:

// Encode Unicode string to base64
function encodeUnicode(str) {
  return btoa(
    encodeURIComponent(str).replace(
      /%([0-9A-F]{2})/g,
      (_, p1) => String.fromCharCode(parseInt(p1, 16))
    )
  );
}

// Decode base64 to Unicode string
function decodeUnicode(base64) {
  return decodeURIComponent(
    atob(base64)
      .split('')
      .map(c => '%' + c.charCodeAt(0).toString(16).padStart(2, '0'))
      .join('')
  );
}

console.log(encodeUnicode('Hello 🌍'));
// "SGVsbG8g8J+MjQ=="

Node.js (Buffer-based)

// Encode
const encoded = Buffer.from('Hello, World!').toString('base64');
console.log(encoded);
// "SGVsbG8sIFdvcmxkIQ=="

// Decode
const decoded = Buffer.from('SGVsbG8sIFdvcmxkIQ==', 'base64').toString('utf-8');
console.log(decoded);
// "Hello, World!"

Node.js Buffer handles Unicode correctly without any extra work. This is the preferred approach for server-side JavaScript.

How to Base64 Encode and Decode in Python

import base64

# Encode
original = "Hello, World!"
encoded = base64.b64encode(original.encode('utf-8'))
print(encoded)
# b'SGVsbG8sIFdvcmxkIQ=='

# Encode to string (not bytes)
encoded_str = encoded.decode('utf-8')
print(encoded_str)
# 'SGVsbG8sIFdvcmxkIQ=='

# Decode
decoded = base64.b64decode(encoded_str).decode('utf-8')
print(decoded)
# 'Hello, World!'

Python's base64 module also handles URL-safe base64 (using - and _ instead of + and /) with b64encode variants urlsafe_b64encode and urlsafe_b64decode.

Base64 vs Base64URL

Standard base64 uses + and / as the 62nd and 63rd characters, plus = for padding. These characters have special meaning in URLs, so base64url replaces them:

• + → -
• / → _
• Padding (=) is often omitted

JWT tokens use base64url encoding. If you are decoding a JWT section, use base64url decode, not standard base64.

Frequently Asked Questions

Is base64 the same as encryption?

No. Base64 is an encoding scheme — it is completely reversible and provides zero security. Anyone can decode a base64 string. For encryption, use AES, RSA, or other cryptographic algorithms. Base64 is only for making binary data safe to transmit as text.

Why does base64 output end with == or =?

Base64 encodes 3 bytes at a time into 4 characters. When the input length is not a multiple of 3, padding characters (=) are added to make the output length a multiple of 4. One = means 1 byte of padding; == means 2 bytes of padding.

Can I base64-encode a file (not just text)?

Yes. Any binary data can be base64-encoded — images, PDFs, executables, certificates. Our Base64 tool supports text input; for file encoding you would typically use command-line tools (base64 -i file.png on macOS/Linux) or a programming language's base64 library.

What is the size overhead of base64 encoding?

Base64-encoded data is approximately 33% larger than the original binary. Every 3 bytes becomes 4 ASCII characters. This size increase is a tradeoff for text-safe transmission and is usually acceptable for small payloads but problematic for large binary files.

How do I decode a JWT token's payload?

A JWT looks like header.payload.signature. To decode the payload, take the middle section (between the first and second dot), pad it to a multiple of 4 characters with = if needed, and base64url-decode it. Our Base64 Decoder handles this — just paste the payload section.

Free Developer Tools

If you found this article helpful, check out DevToolkit — 40+ free browser-based developer tools with no signup required.

Popular tools: JSON Formatter · Regex Tester · JWT Decoder · Base64 Encoder

🛒 Get the DevToolkit Starter Kit on Gumroad — source code, deployment guide, and customization templates.