Free Online JWT Decoder & Inspector
Paste any JWT token and instantly decode its header and payload sections. Inspect claims, expiry times, and issuer information without needing the secret key.
Related Tools
Frequently Asked Questions
What is a JWT token?
A JSON Web Token (JWT) is a compact, URL-safe string made of three Base64-encoded parts separated by dots: a header (algorithm), a payload (claims), and a signature. It is widely used for authentication and authorization in APIs.
Does decoding verify the JWT signature?
No. Decoding reads the header and payload without verifying the signature. To verify a JWT you need the secret key or public key that was used to sign it. This tool is for inspection only.
What claims should I check in a JWT?
Key claims to inspect: exp (expiry time), iat (issued at), nbf (not before), iss (issuer), sub (subject/user ID), and aud (audience). Always check exp to confirm the token has not expired.