JWT Decoder
Decode a JSON Web Token (JWT) — inspect its header, payload and claims in your browser. Nothing uploaded.
🔒 100% in your browser — nothing is uploaded
How it works
Paste a JSON Web Token to decode its header and payload and read the standard claims (algorithm, issued-at, expiry). Decoding happens entirely in your browser — the token is never sent to a server. This tool decodes only; it does not verify the signature.
Frequently asked questions
What is a JWT?
A JSON Web Token is a compact, URL-safe token with three Base64url parts — header, payload and signature — used to carry claims between services.
Does this verify the signature?
No. It decodes and displays the header and payload only. A decoded payload is readable by anyone; never trust a JWT without verifying its signature server-side.
Is my token sent anywhere?
No. Decoding runs entirely in your browser; the token never leaves your device.