Skip to main content
Back to Developer Tools

JWT Decoder

Decode JSON Web Token header and payload locally without uploading token values.

Runs locally. Signature is not verified.
JWT token
Token status
Token status-
Algorithm
-
Type
-
Issued at-
Not before-
Expires at-
Summary

Paste a JWT before decoding.

Header
Payload

Next tool

Developer Tools Hub

Browse local developer utilities and workflows.

Open Developer Tools

Next tool

Format the payload JSON

Send decoded payload structure into the JSON Formatter when you need validation, clean indentation, or an error summary.

Open JSON Formatter
Signature

-

Examples
JWT structure
base64url(header) + '.' + base64url(payload) + '.' + signature
header
Algorithm and token type metadata
payload
Claims such as iss, sub, aud, iat, nbf, exp
signature
Cryptographic proof that must be verified by the receiving system
How this tool works
  1. Split the token by periods into header, payload, and signature segments.
  2. Decode the first two segments with Base64URL and parse the JSON content.
  3. Read standard time claims to show whether the token appears active, expired, or not yet valid.
Worked examples

Inspect claims

  • Paste a JWT from a local test environment

Read iss, aud, sub, exp, and role-style custom claims

Decoding is useful for debugging claim shape and expiration timestamps.

Check expiration

  • Token includes an exp claim

The status panel compares exp with the current browser time

This is a convenience check only; server-side validation still decides access.

FAQ