JWT Decoder

Decode JSON Web Tokens (JWT) to view their header, payload, and signature status.

JWT Token

How to use

Paste your JWT string into the input area.
The tool will automatically decode the Header and Payload.
View standard claims (exp, iat, sub, etc.) in the detailed view.
Check if the token is expired based on the 'exp' claim.

About JWT

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.

Structure

A JWT consists of three parts separated by dots: Header, Payload, and Signature.

Header

typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA.

Payload

Contains the claims. Claims are statements about an entity (typically, the user) and additional data.

Signature

Used to verify the message wasn't changed along the way, and, in the case of tokens signed with a private key, it can also verify that the sender of the JWT is who it says it is.