Ctrl+K

URL to Base64 — Online URL Encoder

🔒 Runs in your browser — nothing is sent to a server

URL to Base64 encoding converts a link — full URL, signed redirect target, OAuth callback, referrer header, or tracking pixel — into a compact ASCII string that can travel through JSON APIs, JWT claims, email templates, and QR payloads without being broken by the `?`, `&`, `#` or `/` characters. The output is classic Base64; swap `+/` for `-_` and strip `=` padding when you need URL-safe Base64 (base64url). Everything runs 100% in your browser; your links never leave the device, nothing is uploaded or logged.

Two-pane view: input and output side by side

Input

Output

Copied!

When to Base64-encode a URL

Base64-encoding a URL is the right call whenever a link must travel inside another structured payload. Typical moments: embedding a callback URL in an OAuth `state` parameter so CSRF checks survive the provider round trip; packing a long redirect destination into a short-link service's payload without hitting path-length limits; storing a tracking URL inside a JSON column where `&` and `?` would be ambiguous; placing a deep link inside a JWT claim so the token stays self-contained; or carrying a signed download URL through a chat API that strips query strings. The encoded form is opaque to middleware and safe to transport.

How URL-to-Base64 encoding works

URL-to-Base64 encoding treats the URL as UTF-8 text and applies the standard Base64 algorithm. First the URL string is converted to its UTF-8 byte sequence — for plain ASCII links this is identity, for internationalised domain names it expands to 2–4 bytes per non-Latin character. Second, every three bytes are split into four 6-bit values, each mapped to a character in the 64-symbol alphabet (A–Z, a–z, 0–9, +, /). Trailing `=` padding fills the final group when necessary. Decoding reverses the process and reassembles the original URL exactly. The encoder makes no semantic changes — `?` stays `?` inside the encoded bytes.

Examples

Input

https://example.com

Output

aHR0cHM6Ly9leGFtcGxlLmNvbQ==

URL to Base64 — simple HTTPS link

Input

https://example.com/search?q=base64&lang=en

Output

aHR0cHM6Ly9leGFtcGxlLmNvbS9zZWFyY2g/cT1iYXNlNjQmbGFuZz1lbg==

Convert URL to Base64 — full query string

FAQ

How do I convert a URL to Base64?

To convert a URL to Base64, treat the URL as a regular UTF-8 string and feed its bytes to a Base64 encoder. In JavaScript, call `btoa(url)` for plain ASCII URLs; for links that include non-Latin hostnames or pre-encoded path segments, wrap with `TextEncoder` first. In Node.js, use `Buffer.from(url, 'utf-8').toString('base64')`. This page does the UTF-8 wrapping for you.

What is URL to Base64 used for?

URL to Base64 is handy anywhere a raw link would be broken by reserved characters or size limits. Common use cases: OAuth `state` parameters, short-link redirect payloads, email click-tracking wrappers, JWT claims that carry a callback URL, QR code payloads, analytics event metadata, and storing a link inside a database column that only accepts ASCII. The encoded form stays safe through every text pipeline.

Is `url to base64` the same as URL encoding (percent-encoding)?

No. URL encoding (RFC 3986 percent-encoding) escapes reserved characters as `%xx` sequences so the URL stays a valid URL. Base64 encoding wraps the entire link — including its `://` and `?` — into a compact ASCII payload that is no longer a navigable URL. You typically percent-encode query values, and you Base64-encode a whole link when you need to transport it inside another string.

Should I use Base64 or base64url for URLs?

If the Base64 output is itself going to be placed inside another URL or HTTP header, use URL-safe Base64 (base64url, RFC 4648 §5) — replace `+` with `-`, `/` with `_`, and drop `=` padding. That avoids a second round of percent-encoding. For storage inside a JSON body, email, or database column, classic Base64 is fine. This page outputs classic Base64; convert manually when you need base64url.

Can I decode a Base64-encoded URL back to the original link?

Yes — Base64 is fully reversible. Feed the encoded string to a Base64 decoder and you get the exact original URL bytes back. In JavaScript use `atob(payload)`; in Node.js `Buffer.from(payload, 'base64').toString('utf-8')`. Our separate `base64-to-text` tool decodes any Base64 payload in the browser if you want a one-click round trip.

Is my URL safe when I encode it here?

Yes. This URL-to-Base64 encoder runs entirely in your browser using the native `btoa` and `TextEncoder` APIs. Your link and the encoded result stay on your machine — nothing is uploaded, no server-side logging happens, and there is no account or history. Safe for signed redirect URLs, OAuth callbacks with tokens, and any other link you do not want leaking.

Glossary

Link to Base64

Link-to-Base64 is informal shorthand for URL-to-Base64: you take the full text of a hyperlink — scheme, host, path, query, fragment — and wrap it in the Base64 alphabet. The result is an ASCII string that can be pasted into any text channel without being chopped at `?` or `&`. Decoding yields the exact original link character-for-character, including all percent-encoded segments.

URL Base64 encoder

A URL Base64 encoder is any tool that converts a URL string to its Base64 representation. It treats the URL as UTF-8 text and applies the standard Base64 algorithm — no special handling for URL syntax. The distinction matters: the encoder is not RFC 3986 percent-encoding your query string, it is wrapping the entire URL into a Base64 envelope suitable for transport inside another payload.

base64url (URL-safe Base64)

Base64url is a variant of Base64 defined in RFC 4648 §5 that replaces `+` with `-` and `/` with `_`, and optionally omits `=` padding. The substitution removes characters that would otherwise require percent-encoding if the Base64 output is itself placed inside a URL or JWT header. JWT tokens, OAuth `state` parameters, and WebAuthn challenges all use base64url by default.

OAuth state parameter

An OAuth `state` parameter is a Base64-encoded value that the client generates before redirecting to the identity provider and verifies on callback to prevent CSRF attacks. The contents often encode a return URL plus a random nonce. Encoding the full URL to Base64 keeps the `?` and `&` from colliding with the outer authorisation URL structure.

Related tools

Text to Base64

Encode any text to Base64 — fast, free Base64 encoder

Base64 to Text

Decode Base64 to plain text — fast, free Base64 decoder

URL Encode

Percent-encode text or URLs with a free URL encoder

URL Decode

Decode percent-encoded URL strings with a free URL decoder

JSON Beautify

Pretty-print and format minified JSON with proper 2-space indentation in your browser

JSON Minify

Compress and minify JSON by stripping every byte of optional whitespace

JSON to YAML

Convert JSON data to clean, human-readable YAML format

YAML to JSON

Convert YAML configuration files to JSON format instantly