JWT Decoder

JWT Decoder

Decode JSON Web Tokens to inspect header, payload, and expiry.

Paste your JWT

Paste a JWT above to decode its header, payload, and expiry information.

About this tool

Decode a JSON Web Token to inspect its header, payload, and expiration claims. This tool parses JWTs locally — your token is never sent to a server. Useful for debugging auth flows, verifying token contents, or learning how JWTs are structured.

How to use JWT Decoder

Paste your JWT
Paste the full token string (header.payload.signature).
Inspect the decoded sections
The header and payload decode instantly as JSON. Standard claims like exp, iat, and nbf are annotated with human-readable timestamps.
Copy individual claims
Click any section to copy it to your clipboard.

Why use JWT Decoder

Local decoding — tokens never leave your browser
Human-readable expiry and issued-at timestamps
Syntax-highlighted JSON output
Warns about expired tokens

Frequently asked questions

Does this verify the JWT signature?

No. Signature verification requires the issuer's secret or public key, which isn't available in the browser. This tool decodes and inspects; it doesn't verify.

Is it safe to paste a real token here?

Yes. The token is decoded locally via JavaScript and never transmitted. That said, avoid pasting production tokens in any tool you don't fully trust.

What algorithms are supported?

Decoding works for any algorithm since the header and payload are just Base64URL-encoded JSON. HS256, RS256, ES256, and others all decode the same way.

About this tool

How to use JWT Decoder

Why use JWT Decoder

Frequently asked questions

Related Tools

JWT Decoder

About this tool

How to use JWT Decoder

Why use JWT Decoder

Frequently asked questions

Related Tools