JWT Decoder – Token Inspector
Decode and inspect JWT tokens without verification. View header, payload, and signature for debugging authentication.
Our JWT Decoder decodes JSON Web Tokens (JWTs) to view their header, payload, and signature. JWTs are used for authentication and authorization in APIs and web apps. Paste a JWT to inspect its contents—claims, expiration, and issuer.
Decoding runs entirely in your browser. This tool does NOT validate signatures. Never paste sensitive production tokens into any online tool. For debugging and learning only.
Features
- Decode JWT tokens
- View header, payload, signature
- Timestamps (exp, iat, nbf)
- 100% client-side
- No registration
How to Use
Copy your JWT token (three parts separated by dots).
Paste it into the input area.
Click 'Decode JWT' to view header, payload, and signature.
Use Copy to extract any part. Check timestamps for exp, iat, nbf.
Frequently Asked Questions
Does this tool validate the JWT signature?
No. This tool only decodes (base64url) the JWT. It does not verify the signature. Never paste sensitive tokens—use only for debugging or learning.
Is my JWT sent to a server?
No. Decoding happens entirely in your browser. Your token never leaves your device.
What are exp, iat, and nbf?
exp = expiration time, iat = issued at, nbf = not before. These are standard JWT claims for token validity.