JWT Decoder
Decode and inspect JSON Web Tokens (JWT).
Header
Payload
Signature
Signature verification requires the secret key and cannot be done client-side securely.
About JWT
JSON Web Tokens (JWT) are an open standard (RFC 7519) for securely transmitting information between parties as a JSON object. JWTs consist of three parts: header, payload, and signature, separated by dots (.).
FAQ
Yes! All decoding happens in your browser. Your JWT never leaves your device. However, avoid pasting production tokens with sensitive data on any public website.
No. Signature verification requires the secret key, which should never be exposed client-side. This tool only decodes and displays the token contents.