JWT Decoder
Decode and inspect JSON Web Tokens. View header, payload, and expiry status. Runs entirely in your browser.
Expiry
11/20/2286, 5:46:39 PM
Issued At
1/18/2018, 1:30:22 AM
{
"alg": "HS256",
"typ": "JWT"
}{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022,
"exp": 9999999999
}SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
Signature verification requires the secret key and is not performed in-browser for security reasons.
About This Tool
JWT Decoder reads and displays the contents of a JSON Web Token without verification. Paste any JWT (three dot-separated Base64url segments) to inspect the header algorithm, token claims, and raw payload.
Useful fields to inspect include iss (issuer), sub (subject), exp (expiration), iat (issued at), and aud (audience). Expiration timestamps are shown as human-readable dates. The decoder will flag expired tokens.
JWTs are decoded client-side using Base64url decoding. No network request is needed. This tool does not verify the signature and should not be used to authorize requests. It is for inspection and debugging only.