🔓 JWT Decoder
Decode and inspect JSON Web Tokens (JWT). View header, payload, and token claims instantly.
About JWT Decoder
Our JWT Decoder helps developers decode and inspect JSON Web Tokens quickly and easily. View the header, payload, and understand token claims without needing external libraries.
What is JWT?
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. JWTs are commonly used for authentication and information exchange in web applications.
JWT Structure
- Header: Contains the token type (JWT) and signing algorithm (e.g., HS256, RS256).
- Payload: Contains the claims, which are statements about the user and additional data (e.g., user ID, expiration time).
- Signature: Used to verify the token hasn't been tampered with (not decoded by this tool).
Common Claims
- iss (issuer): Who issued the token.
- sub (subject): Who the token is about (usually user ID).
- aud (audience): Who the token is intended for.
- exp (expiration): When the token expires (Unix timestamp).
- iat (issued at): When the token was issued (Unix timestamp).
- nbf (not before): When the token becomes valid (Unix timestamp).
How to Use
- Paste Token: Copy your JWT and paste it into the input field.
- Decode: Click "Decode Token" to view the header and payload.
- Inspect: Review the decoded information, claims, and expiration status.
Important Notes
- This tool only decodes JWTs; it does not verify signatures.
- Never paste sensitive production tokens into online tools you don't trust.
- JWT decoding happens entirely in your browser; no data is sent to any server.
- Expired tokens can still be decoded to view their contents.
Privacy & Security
All JWT decoding happens entirely in your browser using JavaScript. No tokens are sent to any server, stored in databases, or logged. Your tokens remain completely private.