If you've ever looked at an email source, inspected a JWT token, or embedded an image in CSS, you've encountered Base64. It's one of the most widely used encoding schemes in computing—a binary-to-text encoding that transforms raw binary data into a safe, ASCII-compatible format.
This guide covers the Base64 algorithm from first principles, walks through real programming implementations, and explores the practical scenarios where Base64 encoding is the right tool for the job.
Base64 is a binary-to-text encoding scheme that represents binary data using a set of 64 printable ASCII characters. The Base64 alphabet consists of:
The = character is used as padding. This gives us exactly 64 characters, each representing 6 bits of data (2^6 = 64).
The encoding process follows a straightforward algorithm:
The input text is first converted to its binary representation using UTF-8 (or the specified character encoding). Each character becomes one or more bytes (8 bits each).
The byte stream is divided into groups of 3 bytes (24 bits). Each 24-bit group is then split into four 6-bit units.
Each 6-bit value (0–63) is mapped to its corresponding character in the Base64 alphabet. Since each 6-bit unit represents a value from 0 to 63, it maps directly to one of the 64 Base64 characters.
If the input length isn't a multiple of 3, padding is needed:
===Let's encode the string "Hi!":
Input: H i !
ASCII: 72 105 33
Binary: 01001000 01101001 00100001
Split into 6-bit groups:
010010 000110 100100 100001
Decimal: 18 6 36 33
Base64: S G k h
Result: "SGkh"Notice that 3 bytes of input produce 4 characters of output—a 33% size increase. This is the inherent overhead of Base64 encoding.
The standard Base64 alphabet uses + and /, which can cause problems in certain contexts. Several variants address this:
| Variant | Characters 62-63 | Padding | Common Use |
|---|---|---|---|
| Standard | + / | = | Email (MIME), general purpose |
| URL-safe | - _ | = (optional) | URLs, filenames, JWT tokens |
| No padding | Same as parent | None | JWT, URLs where = causes issues |
| Base64url (RFC 4648) | - _ | None | Web tokens, URI parameters |
The URL-safe variant is particularly important. Since + and / have special meaning in URLs (and = is used for query parameters), the URL-safe variant replaces them with - and _ respectively.
import base64
# Encoding
text = "Hello, World!"
encoded = base64.b64encode(text.encode('utf-8')).decode('utf-8')
print(encoded) # SGVsbG8sIFdvcmxkIQ==
# Decoding
decoded = base64.b64decode(encoded).decode('utf-8')
print(decoded) # Hello, World!
# URL-safe variant
url_safe = base64.urlsafe_b64encode(text.encode('utf-8')).decode('utf-8')
print(url_safe) # SGVsbG8sIFdvcmxkIQ==
# File encoding
with open('image.png', 'rb') as f:
file_b64 = base64.b64encode(f.read()).decode('utf-8')// Browser
const text = "Hello, World!";
const encoded = btoa(text); // SGVsbG8sIFdvcmxkIQ==
const decoded = atob(encoded); // Hello, World!
// Node.js Buffer
const buf = Buffer.from(text, 'utf-8');
const encoded = buf.toString('base64');
// Node.js URL-safe
const urlSafe = buf.toString('base64url');
// Decoding in Node.js
const decoded = Buffer.from(encoded, 'base64').toString('utf-8');import java.util.Base64;
String text = "Hello, World!";
String encoded = Base64.getEncoder().encodeToString(text.getBytes());
String decoded = new String(Base64.getDecoder().decode(encoded));
// URL-safe
String urlSafe = Base64.getUrlEncoder().withoutPadding()
.encodeToString(text.getBytes());# Encode
echo -n "Hello, World!" | base64
# Output: SGVsbG8sIFdvcmxkIQ==
# Decode
echo "SGVsbG8sIFdvcmxkIQ==" | base64 -d
# Output: Hello, World!Email was originally designed for plain ASCII text. Base64 encoding allows binary files (images, documents, audio) to be transmitted as email attachments by converting them to ASCII-safe text. When you see Content-Transfer-Encoding: base64 in an email header, the attached file has been Base64 encoded.
Base64 allows embedding small images and files directly in HTML and CSS using data URLs:
<img src="data:image/png;base64,iVBORw0KGgoAAAANS..." />This is useful for small icons and UI elements where the overhead of an additional HTTP request outweighs the 33% size increase of Base64.
JWT tokens use Base64url encoding (without padding) for their header and payload sections. The three parts of a JWT (header.payload.signature) are each Base64url encoded and joined with periods.
HTTP Basic Authentication sends credentials as username:password encoded in Base64. While this is not secure on its own (it must be combined with HTTPS), it's the standard mechanism for the Authorization: Basic header.
Binary data like images, PDFs, or serialized objects can be stored as Base64 strings in databases that don't support native binary columns. Some ORM systems and serialization formats default to Base64 for binary fields.
Base64 is a fundamental encoding scheme that every developer should understand. It bridges the gap between binary data and text-based systems, enabling everything from email attachments to API authentication. While it's not suitable for security or large-scale data transfer, it remains an essential tool in the developer's toolkit.
Whether you're debugging JWT tokens, embedding images in HTML, or handling email attachments, a reliable Base64 encoder/decoder saves time and prevents encoding errors.
Our free Base64 encoder/decoder supports standard, URL-safe, and no-padding variants. Process text and files directly in your browser.
Try Our Free Base64 Tool →