JWT Decoder

Decode and inspect JWT tokens — view header, payload and signature without sending data to a server.

Related tools

Password Generator Generate strong, secure random passwords with custom length, symbols, numbers an… Passphrase Generator Generate memorable 3-word passphrases that are easy to remember but hard to crac… UUID Generator Generate RFC 4122 compliant UUID v4 unique identifiers instantly. Hash Generator Generate MD5, SHA1, SHA256 and SHA512 hashes from any text string.

Frequently asked questions

Is it safe to paste my JWT here?
Decoding happens entirely in your browser using JavaScript. The token is never sent to a server. However, avoid sharing JWTs that are still valid and grant significant privileges in any public context.
What is a JWT?
A JSON Web Token (JWT) is a compact, URL-safe means of representing claims between two parties. It consists of three base64url-encoded parts: Header, Payload, and Signature, separated by dots.
Can this verify the JWT signature?
Signature verification requires the secret key. This tool decodes and displays the claims without verifying the signature. To verify, you need the shared secret or the public key from the issuer.