JWT Decoder

Paste a JSON Web Token to decode its header, payload, and check expiration status.

All processing happens in your browser. No data is sent to any server.

JWT Token 0

Header

Decoded header will appear here...

Payload

Decoded payload will appear here...

How It Works

A JSON Web Token (JWT) consists of three Base64URL-encoded parts separated by dots: header.payload.signature.

The header typically contains the signing algorithm (e.g., HS256, RS256) and token type. The payload contains claims -- statements about the user and metadata such as issuer (iss), subject (sub), expiration time (exp), and issued at (iat).

This tool decodes the header and payload by converting each Base64URL segment to JSON. It also checks the exp claim to show whether the token has expired. Note: this tool does not verify the signature -- that requires the signing key.

JWTs are widely used in OAuth 2.0, OpenID Connect, API authentication, and session management.

JWT Decoder

Header

Payload

How It Works

Related Tools