JWT Decoder
Decode and inspect JSON Web Tokens.
The decoded header and payload will appear here.
About the JWT Decoder
Decode and inspect JSON Web Tokens locally. Paste a JWT to see its header and payload claims in readable JSON — handy for debugging auth flows. Tokens are decoded in your browser and never sent anywhere.
How to use it
- 1Paste a JWT (the xxxxx.yyyyy.zzzzz string).
- 2Read the decoded header and payload, including standard claims.
- 3Check expiry and issuer while you debug.
Frequently asked questions
- Does this verify the token's signature?
- No — it decodes and displays the contents for inspection. It does not validate the signature, and your token never leaves your browser.
- Is it safe to paste a real token?
- Decoding happens entirely client-side, but treat any live token as a secret and avoid sharing your screen.
Advertisement