diff --git a/esp32_device/main/jwt.c b/esp32_device/main/jwt.c
index d2e8103..59239f2 100644
--- a/esp32_device/main/jwt.c
+++ b/esp32_device/main/jwt.c
@@ -12,6 +12,7 @@ static const char *TAG = "jwt";
 
 char *jwt_gen(cJSON *payload)
 {
+    // Generate header
     char *kid = dev_name();
     if (!kid)
     {
@@ -44,9 +45,41 @@ char *jwt_gen(cJSON *payload)
         return NULL;
     }
 
-    printf("header = %s\n", header_b64);
+    // Encode body to JSON
+    char *body_json = cJSON_PrintUnformatted(payload);
+    if (!body_json)
+    {
+        ESP_LOGE(TAG, "Failed to encode body to JSON!");
+        free(header_b64);
+        return NULL;
+    }
 
+    char *body_b64 = crypto_encode_base64_safe_url(body_json, strlen(body_json));
+    free(body_json);
+    if (!body_b64)
+    {
+        ESP_LOGE(TAG, "Failed to encode body to base64!");
+        free(header_b64);
+        return NULL;
+    }
+
+    // Assemble unsigned JWT parts
+    char *unsigned_jwt = calloc(1, strlen(header_b64) + strlen(body_b64) + 2);
+    if (!unsigned_jwt)
+    {
+        ESP_LOGE(TAG, "Failed to allocate memory to store unsigned JWT!");
+        free(header_b64);
+        free(body_b64);
+        return NULL;
+    }
+
+    sprintf(unsigned_jwt, "%s.%s", header_b64, body_b64);
     free(header_b64);
+    free(body_b64);
+
+    // TODO : wip
+    printf("unsigned = %s\n", unsigned_jwt);
+    free(unsigned_jwt);
 
     // TODO : continue
     return strdup("TODO:)");