JWT Decoder

Decode JWT header and payload, view claims and expiry at a glance.

Paste a JSON Web Token and instantly inspect the header, payload and signature. Standard claims (iss, sub, exp, iat) are highlighted with human-readable timestamps. The decoder runs in your browser; tokens are never sent anywhere.

Common use cases

Debug authentication flows by inspecting the actual claims in a JWT
Verify token expiry (exp), issuance (iat) and not-before (nbf) timestamps
Confirm the issuer (iss) and audience (aud) of an incoming token
Inspect custom claims to verify role/permission encoding from your auth server

Frequently asked questions

Does the tool verify signatures?▾

No — verification requires the secret or public key, which is server-side concern. This decoder only parses the token so you can read its contents.

Are my tokens uploaded anywhere?▾

No. Decoding happens entirely in your browser.

What if my JWT has 5 segments instead of 3?▾

5-segment tokens are JWE (encrypted) — this tool decodes JWS (signed) only. JWE requires the recipient's private key to read, which makes a browser tool impractical.

Related tools

{}

JSON Formatter & Validator

Beautify, validate and minify JSON instantly in your browser.

↔

JSON ↔ CSV Converter

Convert JSON arrays to CSV and CSV back to JSON.

B64

Base64 Encoder & Decoder

Encode and decode Base64 strings, including UTF-8 and binary.

URL Encoder & Decoder

Percent-encode and decode URL components safely.