JWT Decoder

Paste a JSON Web Token to read its header and claims. Decoded entirely in your browser — your token is never sent anywhere.

📖 Read the guide: How to Decode a JWT →

Header

Payload

Decoded locally — the signature is not verified here.

How it works

Paste the token

Drop your JWT (the eyJ… string) into the box. It stays on your device.

Read header & payload

The header and claims are decoded and pretty-printed instantly.

Check expiry

Standard claims like exp and iat are shown in readable local time with an expiry badge.

Copy what you need

Copy the header or payload JSON in one click.

Frequently Asked Questions

Does it verify the signature?

No — this tool only decodes the token to show its contents. Signature verification will be a separate tool. Decoding never proves a token is authentic.

Is my token sent anywhere?

No. The token is decoded entirely in your browser and is never uploaded or stored.

Which algorithms does it support?

Any JWT — it reads the header and Base64URL-encoded payload regardless of the signing algorithm.

Decode a JSON Web Token (JWT) online to inspect its header and payload, free and instantly. The decoder shows the algorithm and claims, and humanizes timestamps such as exp, iat and nbf into readable local time with an at-a-glance expiry badge. Because decoding happens entirely in your browser, your token never leaves your device — safe for debugging auth flows and inspecting access tokens. Note that decoding is not verification: it does not check the signature.