JWT Decoder & Debugger

Decode JSON Web Tokens (JWT) to inspect their contents, headers, and claims without sending sensitive data over the network.

jwt decoderdebug jwtdecode json web tokenjwt debugger

Interactive Decoder

Encoded Token

Paste a JWT token to begin analysis

Intro

JWT (JSON Web Token) is a standard for securely transmitting information between parties as a JSON object.

This tool helps you decode the token's header and payload locally in your browser, keeping your tokens secure.

How to use

Paste JWT
Paste your encoded JWT into the input field.
Review parts
The tool will automatically split and decode the header, payload, and signature segments.
Inspect claims
Check standard claims like exp, iat, and sub with human-readable explanations.

Examples

Standard JWT

A common JWT with HS256 algorithm.

Input

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoyNTE2MjMwMDB9.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

Output

Header: { alg: HS256 }, Payload: { sub: 1234567890, name: John Doe }

Expired JWT

Decode a JWT that contains an expired exp claim for debugging.

Input

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyXzAwMSIsImV4cCI6MTcwMDAwMDAwMCwiaWF0IjoxNjk5OTk5MDAwfQ.invalidsignature

Output

Header: { alg: HS256 }, Payload: { sub: user_001, exp: (expired), iat: 2023-11-14 }

FAQ

Is it safe to decode JWT online?

Our tool performs all decoding locally in your browser. Your tokens are never sent to a server.

What does a JWT contain?

A JWT typically consists of three parts: Header (algorithm & token type), Payload (claims), and Signature.

Related tools

Related guides

No related guides in the current seed set.