JWT Decoder
A JWT Decoder parses a JSON Web Token into its three Base64URL-encoded segments — header, payload, and signature — and renders the header and payload as readable JSON, all inside your browser so the token never leaves your device.
About JWT Decoder
Paste a JWT to see its decoded header (algorithm, type) and payload (claims like sub, iat, exp, scope). The decoder also surfaces human-readable timestamps for iat, nbf, and exp so you can spot expired tokens at a glance. Decoding is informational only — it does not verify the signature, since verification requires the secret or public key.
What JWT Decoder does
- Splits a JWT into header, payload, and signature in one paste
- Renders header and payload as syntax-highlighted JSON
- Surfaces iat, nbf, and exp as human-readable timestamps with expired indicator
- Detects algorithm (HS256, RS256, ES256, none) from the header
- Token is never transmitted — decoded entirely in your browser
When to reach for JWT Decoder
- Debugging why an API rejects a token with a generic 401
- Spotting an expired exp claim at a glance
- Inspecting the scope or roles claim while wiring up authorization
- Sanity-checking a token your auth provider just minted in staging
How to use JWT Decoder
- 01
Paste your JWT
Paste the three-segment token into the input area.
- 02
Read the claims
Header and payload appear immediately as formatted JSON. Expiration is highlighted if exp is past.
- 03
Compare
Toggle the raw-Base64 view to compare segments side by side with the decoded JSON.
When to use JWT Decoder vs alternatives
| Alternative | Use JWT Decoder when… | Use the alternative when… |
|---|---|---|
| jwt.io online debugger | the token belongs to a production user and cannot be pasted into a third-party service. | you also want to verify the signature with a public key you have. |
| Decoding manually in the browser console | you want timestamps and expiration formatted for you. | you are already in DevTools and want zero context switch. |