JWT Decoder — Inspect JWT Tokens Online
Decode and inspect JWT tokens — header, payload, and expiration. Free, no signup, works in your browser.
All decoding happens in your browser. No data is sent to any server. Never paste production tokens on untrusted sites.
About JWT Decoder
This JWT decoder splits a JSON Web Token into its three parts — header, payload, and signature — and displays the decoded JSON for each section. Standard claims like iss (issuer), exp (expiration), and iat (issued at) are labeled and timestamps are converted to human-readable dates. The tool also flags expired tokens. JWT decoding happens entirely in your browser by Base64URL-decoding the token parts; no secret key is needed to read the claims, and no data is sent to any server.
Frequently Asked Questions
Is it safe to paste my JWT token here?
Yes. All decoding happens entirely in your browser using JavaScript. No data is sent to any server. However, avoid pasting production tokens on any untrusted website.
Does this tool verify the JWT signature?
No. Signature verification requires the secret key or public key used to sign the token. This tool only decodes and displays the header and payload claims.
What claims does the decoder recognize?
The decoder labels standard JWT claims: iss (Issuer), sub (Subject), aud (Audience), exp (Expiration Time), nbf (Not Before), iat (Issued At), and jti (JWT ID). Timestamps are automatically converted to human-readable dates.