
JWT Decoder

Decode JSON Web Tokens and inspect the header, payload claims and expiry — entirely in your browser, no data sent to any server.

Security notice: Never paste production JWTs or tokens containing sensitive data. This tool runs entirely in your browser — nothing is sent to any server.

Understanding JWTs

1. Header

Specifies the token type (JWT) and the signing algorithm (e.g. HS256, RS256). Always Base64url encoded.

2. Payload

Contains the claims — sub (subject), iss (issuer), exp (expiry), iat (issued at) and any custom data.

3. Signature

Cryptographic proof that the token was issued by the expected party and hasn't been tampered with.

Common standard claims

sub (Subject): who the token is about (user ID)
iss (Issuer): who issued the token (your auth service)
exp (Expiration): Unix timestamp when token expires
iat (Issued at): Unix timestamp when token was created
nbf (Not before): token is not valid before this time
aud (Audience): who the token is intended for