JWT Decoder
Decode a JSON Web Token's header and payload — in your browser.
- iat — issued at 1/18/2018, 1:30:22 AM
Decoded in your browser. The signature is not verified— decoding only reveals the contents, it doesn't prove the token is authentic.
About JWT Decoder
A JWT decoder reveals the header and payload of a JSON Web Token without needing the signing secret. Paste a token and it splits and Base64URL-decodes the segments to show the algorithm, claims, and any expiry. Decoding happens entirely in your browser, so your token stays private.
Frequently asked questions
- Does decoding verify the signature?
- No. Decoding only reads the header and payload — it does not verify the signature. Never trust a token's claims without verifying it server-side.
- Is a JWT encrypted?
- Usually not. A standard JWT's header and payload are only Base64URL-encoded and readable by anyone. Don't put secrets in a JWT payload.
- Is my token uploaded?
- No. The token is decoded locally in your browser and never sent anywhere.
More tools
Unit ConverterNetToolkitClick CounterClick TestPassword GeneratorID GeneratorStopwatchTimerTodo ListWord CounterJSON FormatterJSON VisualizerQR Code GeneratorPercentage CalculatorAge CalculatorBase64 Encode / DecodeCase ConverterHash GeneratorURL Encode / DecodeUnix Timestamp ConverterColor ConverterLorem Ipsum GeneratorBMI CalculatorTip CalculatorJWT EncoderRegex TesterSlugifyText DiffRemove Duplicate LinesDiscount CalculatorLoan CalculatorTime Duration CalculatorContrast CheckerGradient GeneratorPalette GeneratorTints & ShadesImage to Base64Image ResizerFavicon GeneratorMerge & Split PDF

