JWT Decoder
Decode a JSON Web Token and inspect its header, payload, and signature.
Free & unlimited
JWT token
Decoded parts
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c Header Payload Signature
HeaderAlgorithm & token type
{"alg": "HS256","typ": "JWT"}
Payload3 claims
{"sub": "1234567890","name": "John Doe","iat": 1516239022}
sub·SubjectIdentifies the subject of the JWTname·NameFull name of the useriat·Issued atTime at which the JWT was issuedSignatureHS256
49f94ac7044948c78a285d904f87f0a4c7897f7e8f3a4eb2255fda750b2cc397Verify signature (optional)
All processing happens in your browser. No data is sent to any server.
About this tool
- 1
Paste JWT token
Enter a JWT token (the long base64-encoded string).
- 2
View header
See the algorithm and token type.
- 3
View payload
Inspect claims including expiration, issuer, and custom data.
- 4
Check expiration
See if the token is expired and when it was issued.
- JWTs have three parts separated by dots: header.payload.signature.
- The "exp" claim shows when the token expires (Unix timestamp).
- Never share JWT tokens publicly - they may contain sensitive claims.
- Decoding is not the same as verifying - this tool does not validate signatures.
- Header decode
- Payload decode
- Expiration check
- Timestamp conversion
- Pretty-printed
- Debug authentication issues by inspecting token contents.
- Check if a JWT token has expired.
- Inspect custom claims in tokens.
- Verify token structure during API development.