Base64 & Hex Encode/Decode

What is Base64 Encoding?

Base64 is a binary-to-text encoding scheme that represents binary data using 64 printable ASCII characters (A-Z, a-z, 0-9, +, /). It's commonly used to embed binary data in text-based formats like JSON, YAML, XML, and email (MIME).

Important: Base64 is encoding, not encryption. It provides no security — anyone can decode it. Never use Base64 as a way to “hide” sensitive data like passwords or API keys.

Common DevOps Use Cases

• Kubernetes Secrets — Values in kubectl get secret -o yaml are Base64-encoded. Use batch mode to decode them all at once.
• Config files in YAML — Embedding certificates, SSH keys, or binary configs in Helm charts or Kustomize overlays.
• CI/CD variables — Many CI systems store secrets as Base64 to avoid special character issues.
• Docker configs — ~/.docker/config.json stores registry auth tokens as Base64.
• JWT tokens — Header and payload are Base64URL-encoded. Our JWT Decoder handles these automatically.

Standard vs URL-safe Base64

Decoding Kubernetes Secrets

To quickly decode all values from a Kubernetes secret, run:

kubectl get secret my-secret -o jsonpath='{.data}' | jq -r 'to_entries[] | "\(.key): \(.value)"'

Then paste the output into this tool with “Decode each line separately” enabled. Each key-value pair will be decoded individually with a copy button per value.