JWT Decoder

Decode JWT Tokens Online - Inspect Header, Payload & Claims

Decode and inspect JSON Web Tokens instantly. View the header, payload, claims with human-readable timestamps, and check expiration status.

Runs entirely in your browser - no data is sent to any server. Unlike jwt.io, this decoder works fully offline.

What is a JWT?

A JSON Web Token (JWT) is a compact, URL-safe token format for securely transmitting information. It consists of three Base64URL-encoded parts separated by dots.

Header
Algorithm & token type
Payload
Claims & data
Signature
Verification hash

Common JWT Claims

issIssuer of the token
subSubject (usually user ID)
audIntended audience
expExpiration time
iatIssued at time
nbfNot valid before time

How to Decode JWT Tokens

1
Paste your JWT token in the input field
2
Header and payload decode automatically
3
Check expiration with the JWT expiration checker
4
Inspect JWT payload claims and timestamps
!
JWT Decoder Without Verification

This JWT decoder only decodes tokens and does not verify signatures. Use this tool to inspect JWT headers and payloads safely in your browser. Signature verification requires the secret key.

Frequently Asked Questions

What is a JWT?

A JSON Web Token (JWT) is a compact, URL-safe token for transmitting claims between parties. The payload is Base64URL-encoded, not encrypted, so anyone can decode it.

Can this tool verify JWT signatures?

No. This is a JWT decoder without verification. Verifying signatures requires the secret key, which should never be shared with online tools.

Is JWT decoding safe?

Yes. Decoding is safe because JWT payloads are only encoded, not encrypted. This tool runs entirely in your browser - tokens never leave your device.

JWT payload is Base64URL encoded. You can also use our Base64 Decoder or JSON Formatter for related tasks.