JWT Decoder

Decode and inspect JSON Web Tokens. View the header and payload claims without needing the secret key.

Paste the full JWT token including all three parts separated by dots.
About JWTs

A JSON Web Token (JWT) consists of three Base64URL-encoded parts separated by dots:

  1. Header — algorithm and token type
  2. Payload — claims (data)
  3. Signature — used to verify the token was not tampered with
Common claims
subSubject (user ID)
issIssuer
audAudience
expExpiration (Unix timestamp)
iatIssued at (Unix timestamp)
Never paste production tokens with sensitive data into online tools. This tool runs entirely server-side and does not store tokens.