What does a JWT decoder do?
A JWT decoder turns the header and payload into readable JSON.
That makes it easy to inspect algorithm, issuer, subject, audience, and time-based claims.
JWT Decoder
Decode JWT headers and payloads locally, inspect claims, and understand token structure in seconds.
JWT Decoder
Decode JWT header and payload locally, then inspect expiry and claim details.
The tool does not verify signatures; it only decodes JWT segments locally.
Summary
Invalid JWT
Decoding happens entirely in the browser.
Segments
0
Algorithm
n/a
Type
n/a
Signature
0
Paste a JWT to start or load the sample.
Decoding happens entirely in the browser.
Header
Signature preview
No decoded data yet.
Payload
Signature preview
No decoded data yet.
Signature preview
No decoded data yet.
Share this calculation
The link keeps basic share tracking.
Does this tool verify the signature?
No. This tool does not perform security verification; it only decodes the token locally.
Signature validation must happen on the backend with the correct verification key.
How should I read token expiry and claims?
The exp and nbf claims show the token validity window and are interpreted with the local clock.
Any extra payload claims remain visible in the raw JSON view.
How to read JWT structure
A JWT commonly contains header, payload, and signature segments separated by dots.
The header and payload are Base64URL-encoded JSON parts; being readable does not make them trustworthy.
Time claims and clock differences
Claims such as `exp`, `iat`, and `nbf` use NumericDate-style second-based timestamps.
Local time, server time, and clock skew can affect interpretation, so authorization decisions need backend verification.
Security boundary
This page does not verify signature, issuer, audience, or key suitability; it only helps inspect token contents.
Sensitive tokens, user identifiers, and production claim values should be masked before they are shared.