Is my JWT sent to a server?

No — all decoding happens entirely in your browser using JavaScript. Your token never leaves your device.

Can this verify a JWT signature?

No — signature verification requires the secret key (for HMAC) or the public key (for RSA/ECDSA), which are not available to this tool. It decodes the header and payload only.

Claims are statements about the subject of the token. Standard claims include: iss (issuer), sub (subject), aud (audience), exp (expiration time), iat (issued at), and jti (JWT ID). Custom claims are also common.

How do I check if a JWT is expired?

The exp claim contains a Unix timestamp. This tool converts it to a readable date and highlights it if the token is already expired.

What are the three parts of a JWT?

A JWT has three Base64URL-encoded parts separated by dots: the header (algorithm and token type), the payload (claims), and the signature.

What signing algorithms does JWT support?

Common algorithms include HS256, HS384, HS512 (HMAC-SHA), RS256, RS384, RS512 (RSA), and ES256, ES384, ES512 (ECDSA). The algorithm is declared in the header's 'alg' field.

Search tools

- Encode / Decode
- Base64 Encode / Decode
- URL Encode / Decode
- HTML Entity Encode / Decode
- JWT Decoder
- Hash Generator
- MD5 Hash Generator
- SHA-256 Hash Generator

Home
Encode / Decode
JWT Decoder

JWT Decoder

Loading…

About JWT Decoder

The JWT Decoder lets you decode and inspect JSON Web Tokens (JWT) instantly. Paste any JWT and view the decoded header (algorithm, token type), payload (claims, expiry, issuer, subject, audience), and signature portion — all formatted as readable JSON.

Expiry times (exp) and issued-at times (iat) are converted from Unix timestamps to human-readable date and time. Claims are displayed with clear labels so you can quickly understand the token's purpose and validity period.

This tool does not verify the JWT signature — it only decodes the header and payload. No secret key is required.

All decoding happens entirely in your browser. Your JWT never leaves your device.

How to Use JWT Decoder

Paste your JWT token into the input field.
The header and payload are decoded and displayed as formatted JSON.
Expiry (exp) and issued-at (iat) times are shown as human-readable dates.
Review the claims and copy any values you need.

Examples

Example — Decode a JWT

Input

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

Output

Header: {"alg":"HS256","typ":"JWT"}
Payload: {"sub":"1234567890","name":"John Doe","iat":1516239022}

Frequently Asked Questions

Is my JWT sent to a server?: No — all decoding happens entirely in your browser using JavaScript. Your token never leaves your device.
Can this verify a JWT signature?: No — signature verification requires the secret key (for HMAC) or the public key (for RSA/ECDSA), which are not available to this tool. It decodes the header and payload only.
What are JWT claims?: Claims are statements about the subject of the token. Standard claims include: iss (issuer), sub (subject), aud (audience), exp (expiration time), iat (issued at), and jti (JWT ID). Custom claims are also common.
How do I check if a JWT is expired?: The exp claim contains a Unix timestamp. This tool converts it to a readable date and highlights it if the token is already expired.
What are the three parts of a JWT?: A JWT has three Base64URL-encoded parts separated by dots: the header (algorithm and token type), the payload (claims), and the signature.
What signing algorithms does JWT support?: Common algorithms include HS256, HS384, HS512 (HMAC-SHA), RS256, RS384, RS512 (RSA), and ES256, ES384, ES512 (ECDSA). The algorithm is declared in the header's 'alg' field.

Related Tools

Base64 Encode / Decode
JSON Formatter / Validator
URL Encode / Decode
HTML Entity Encode / Decode

Text Tools

Delimiter Separator
Remove Duplicates
Find Duplicates
Sort Lines
Reverse Order
Shuffle / Randomize
Merge Two Lists
Number Lines

More Text Tools

Filter by Keyword
Remove Blank Lines
Trim Whitespace
Add Prefix / Suffix
Find & Replace
Case Convert
Name Formatter
Count Lines / Words / Chars
Frequency Counter
Regex Tester
Diff Checker
Remove Line Breaks
Repeat Text
Slug Generator

Encode / Decode

Base64 Encode / Decode
URL Encode / Decode
HTML Entity Encode / Decode
JWT Decoder
MD5 Hash Generator
SHA-256 Hash Generator
JSON Formatter / Validator
CSV ↔ JSON Converter
XML Formatter
YAML Formatter
HTML Formatter
JSON Schema Generator
XML Schema Generator
Morse Code Translator
Binary Translator
ROT13 Encoder / Decoder

Miscellaneous

UUID Generator
Password Generator
QR Code Generator
Words to Numbers
Cron Expression Parser
Decision Maker
Dice Roller
Pomodoro Timer
Username Generator
Random Number Generator
Random IP Generator
Roman Numerals Converter
Speed Typer

Image Tools

Image Compressor
Crop & Resize
Format Converter
Filters & Effects
Background Remover
Color Palette Extractor

About Contact Privacy Policy Cookie Policy Terms of Service Sitemap