JWT Decoder
Paste a JSON Web Token to inspect its header, payload, and signature
Payload
Header
Signature
Registered Claims
| Claim | Name | Value |
|---|
Security Audit
What is a JSON Web Token (JWT)?
A JSON Web Token (JWT) is a compact, URL-safe standard (RFC 7519) for representing claims between two parties. JWTs are widely used for authentication and authorization in APIs, single-page applications, and microservices.
A JWT consists of three Base64URL-encoded parts separated by dots (.):
- Header — algorithm and token type (e.g.
HS256,JWT) - Payload — claims such as subject, issuer, expiry, and any custom data
- Signature — used to verify the token hasn't been tampered with
This tool decodes the header and payload client-side in your browser. No data is sent to any server. That said, avoid pasting tokens from production systems that grant sensitive access — treat them like passwords.