jwt
JWT Decoder
Decode JWT payload
2 free tools
JSON Web Tokens (JWT) are the standard format for authentication and authorization in modern APIs — used by OAuth 2.0, OpenID Connect, Firebase Auth, and most REST APIs. Our free JWT tools let you decode any JWT token to inspect its header, payload claims (sub, iss, exp, iat), and algorithm — all in your browser, without sending tokens to any server.
A JWT (JSON Web Token) is a compact, URL-safe token consisting of three Base64URL-encoded parts: header (algorithm), payload (claims), and signature. It is used to securely transmit authentication state between a client and server.
Decoding happens entirely in your browser — no data is sent to any server. However, never share production JWT tokens with untrusted third-party services. Our tool runs 100% client-side.
Signature verification requires the secret key. This tool decodes the header and payload (which are only Base64URL encoded, not encrypted) but cannot verify the signature without the signing secret.