JWT Decoder
A free online tool for decoding JWT (JSON Web Token) to analyze header, payload, and signature
Enter JWT Token 0 chars
Token Structure
Header (HEADER)
Payload (PAYLOAD)
Signature (SIGNATURE)
Claims Analysis
| Claim | Name | Value | Status |
|---|
What is a JWT Decoder?
JWT (JSON Web Token) is an open standard (RFC 7519) for securely transmitting information between two systems. A JWT decoder is a tool that decodes Base64-encoded tokens and displays the header, payload, and signature information in a human-readable format. It is useful for debugging authentication systems and analyzing API tokens.
JWT Structure
- Header: Contains information about the token type and signing algorithm.
- Payload: Contains user information and claims data.
- Signature: Signature data for verifying the integrity of the token.
Frequently Asked Questions
No. All decoding is done in the browser, and the entered token is not sent to any external server. You can safely analyze real tokens.
This tool focuses on analyzing and decoding the token structure. Signature verification requires a secret key or public key, and for security reasons, this tool does not accept key input on the client side.
Yes, you can decode a JWT token regardless of whether it has expired. The tool checks the exp (expiration time) claim and indicates whether the token has expired.
Standard claims include iss (issuer), sub (subject), aud (audience), exp (expiration time), nbf (not before), iat (issued at), and jti (JWT ID). Additionally, custom claims can be added per application.