All Tools

JWT Decoder

Decode and inspect JSON Web Tokens

Security Note: This tool only DECODES JWTs — it does NOT verify signatures. All processing happens in your browser; no data is sent to any server.

Paste JWT Token

How JWT Decoding Works

A JWT consists of three Base64URL-encoded parts separated by dots: Header.Payload.Signature

JWT Structure

Common Claims

Frequently Asked Questions

What is a JWT?
JWT is a compact, URL-safe token for securely transmitting information. It has three parts: Header, Payload, and Signature.
Does this tool verify signatures?
No, this tool only decodes JWTs. Signature verification requires the secret or public key used to sign the token.
Is it safe to paste my JWT here?
Yes, everything runs in your browser. No data is sent to any server.
What does the exp claim mean?
The exp claim is the expiration time as a Unix timestamp. After this time, the token should not be accepted.