JWT Decoder

Decode, inspect, and encode JSON Web Tokens. Header, payload, signature - all client-side.

Decode JWT

Examples

Click to load

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0…

Header

Payload

Signature (raw)

Encode JSON to JWT (unsigned)

Header JSON

Payload JSON

Output JWT

How it works

A JWT consists of three Base64URL-encoded parts separated by dots: header.payload.signature. The header specifies the algorithm (alg) and token type. The payload contains claims. The signature verifies the token hasn't been tampered with.

This tool decodes the header and payload locally (no signature verification). For signature verification you need the secret or public key.

Reference: RFC 7519 - JSON Web Token

Security: This tool does not verify JWT signatures. A decoded payload is not proof the token is valid. Always verify the signature server-side before trusting claims.

Send output to…

Tool piping coming in a future phase.

View source of this tool Report issue