JWT Decoder

...

Header

Payload
About this Tool
The JWT Decoder allows you to quickly inspect the contents of a JSON Web Token. Simply paste the token to see the decoded header and payload data. Note: This tool does not verify the token's signature. It solves debugging auth issues by revealing claims without code.
How does it work? It splits the token by dots, Base64-decodes header and payload, then parses to JSON.
  1. Paste your full JWT string into the input text area.
  2. The tool will automatically decode the token.
  3. The decoded header and payload will be displayed in their respective boxes.
  4. If the token is invalid, an error message will be shown.
  • Debugging API auth tokens in dev tools.
  • Inspecting user claims in sessions.
  • Verifying token structure before implementation.
  • Decodes JWTs in real-time as you type.
  • Clearly separates the header and payload.
  • Pretty-prints the JSON content for readability.
  • Validates token structure and provides error feedback.
JWT (RFC 7519) is a compact claims representation, with header, payload, signature. Decoding extracts info; verification needs key. Concept is stateless auth for APIs.
Why no signature verification?
It requires the secret key, which varies.
Can it decode encrypted JWT?
No, only standard Base64.
What's in the payload?
Claims like iss, sub, exp.
All calculations and data processing for this tool are performed locally in your browser. We do not send any of your data to our servers, ensuring your information remains private and secure.