JWT Decoder
Decode and inspect JWT tokens instantly
Decoding only — signature is not verified
How to Use
- Paste your JWT token into the input field
- The header and payload are decoded and displayed as formatted JSON
- Check the expiration status (valid or expired) based on the exp claim
FAQ
Does this tool verify the JWT signature?
No. This tool only decodes the header and payload by base64-decoding. It does not verify the signature because that requires the secret key or public key.
What is a JWT token?
A JWT (JSON Web Token) is a compact, URL-safe token format used for authentication. It consists of three parts separated by dots: header, payload, and signature.
Is it safe to paste my JWT here?
Yes. All decoding happens in your browser. The token is never sent to any server. However, you should still avoid sharing tokens publicly as they may contain sensitive claims.