JWT Decoder

How to Use the JWT Decoder

Paste a JWT token into the text area and click the "Decode" button to decode and display the header, payload, and signature. If the payload contains exp (expiration) or iat (issued at) claims, the date/time and token validity will also be shown. Use the Copy button to copy decoded results to clipboard.

JWT (JSON Web Token) is a compact token format for securely transmitting information between parties. It consists of three parts separated by dots (.): header (algorithm information), payload (claims), and signature. JWTs are widely used for authentication, authorization, and API communication. The payload is only Base64URL-encoded, not encrypted, so sensitive information should not be included in the payload.

What is JWT (JSON Web Token)?

Q. Can this tool verify JWT signatures?

A. This tool only decodes JWTs. Signature verification requires a secret key, so signature validation should be performed on the server side.

Q. Is my input data secure?

A. All decoding processing is completed within your browser. Input data is never sent to any server.