Developer Tool
JWT Decoder
Decode and inspect JWT (JSON Web Token) headers and payloads instantly. See expiry, issued-at, and all claims — 100% client-side, never logged.
What is a JSON Web Token (JWT)?
A JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed using a secret (with the HMAC algorithm) or a public/private key pair using RSA or ECDSA.
How does this tool work?
A JWT consists of three parts separated by dots (.): the Header, the Payload, and the Signature. This tool takes your encoded JWT string, splits it, and base64-decodes the Header and Payload so you can inspect the JSON claims within. It automatically formats timestamps (likeiat or exp) into human-readable dates and tells you if the token has expired.
Security & Privacy
We do not log your tokens. This tool runs entirely in your browser using JavaScript. Your JWT is never transmitted over the internet to our servers. However, remember that standard JWT payloads are only encoded, not encrypted. You should never store highly sensitive information (like passwords) inside a JWT payload.