JWT Decoder
Inspect a JSON Web Token's header, payload and expiry — decoded privately in your browser.
How to decode a JWT
1Paste your JWT into the input box.
2Click Decode.
3Read the header, payload and expiry.
Is it safe to paste my token here?
Yes. The token is decoded entirely in your browser and is never sent to any server.
Does it verify the signature?
No. This tool decodes the token contents; it does not verify the signature, which requires the secret or public key.