What is CBOR used for?

CBOR (RFC 8949) is a compact binary encoding of the JSON data model. It is used in WebAuthn/FIDO2, COSE, CoAP and many IoT and embedded protocols where small, fast-to-parse payloads are important.

How are numbers encoded?

Whole numbers use CBOR's compact unsigned and negative integer encodings, choosing the smallest width that fits. Non-integers are encoded as 64-bit IEEE 754 doubles using the 0xfb head byte.

Will CBOR always be smaller than JSON?

Usually, because keys and structural characters cost fewer bytes, but very short JSON or data dominated by long strings may be similar in size. The tool shows the exact before-and-after byte counts.

Does it produce canonical CBOR?

It produces definite-length maps and arrays with smallest-width integer heads, which is close to canonical form. Map keys keep their JSON order rather than being length-then-byte sorted, so it is deterministic but not strictly canonical.

Is my JSON sent to a server?

No. Encoding happens entirely in your browser using built-in TextEncoder and DataView, so your data never leaves your device — safe for sensitive payloads.

JSON to CBOR Converter

CBOR (Concise Binary Object Representation) is a binary serialization format defined by RFC 8949 that encodes the same data model as JSON in far fewer bytes. It is the wire format for WebAuthn credential payloads, COSE signed messages, CoAP and a wide range of IoT protocols. This tool takes ordinary JSON and produces the equivalent CBOR as a hex dump and base64 string, so you can build and inspect those payloads by hand.

How it works

Every CBOR item starts with a head byte whose top 3 bits encode the major type and whose low 5 bits encode the additional information:

Integers (major types 0 and 1) are written with the smallest head that fits the value — inline for 0–23, then 1, 2, 4 or 8 following bytes.
Text strings (major type 3) are UTF-8 encoded with a length prefix.
Arrays (major type 4) and maps (major type 5) write their element count, then each item — recursively.
true, false and null are the single bytes 0xf5, 0xf4 and 0xf6, and non-integer numbers are written as an IEEE 754 double after the 0xfb head byte.

The encoder walks your parsed JSON value following exactly these rules, producing definite-length output that any conformant CBOR decoder can read back.

Example

The JSON {"a":1,"b":[2,3]} encodes to the hex a2 61 61 01 61 62 82 02 03:

a2          map of 2 pairs
61 61       text "a"
01          unsigned int 1
61 62       text "b"
82 02 03    array [2, 3]

That is 9 CBOR bytes versus 17 bytes of JSON text. The tool reports this comparison for any input so you can see the savings, and everything runs locally in your browser.