JWT Decoder

What is a JWT?

A JSON Web Token (JWT) is a compact token used for authentication and data exchange between systems. It consists of three base64url-encoded parts separated by dots: header, payload, and signature.

JWTs are commonly used in APIs and authentication systems to securely transmit claims such as user ID, roles, and token expiration.

Why decode JWTs?

When debugging auth flows or API responses, you often need to inspect what is inside a token without writing code. This tool decodes the header and payload instantly, and shows the expiration time when an exp claim is present.

All processing happens in your browser — nothing is sent to a server.

Example

Paste a token like:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Decoded output:

• Header: { "alg": "HS256", "typ": "JWT" }
• Payload: { "sub": "1234567890", "name": "John Doe", "iat": 1516239022 }

Note: This tool does not verify signatures — it is for inspection only.

How to use

Paste a JWT into the input box. The header and payload appear decoded as JSON. Copy either section individually. If an exp claim is present, the expiration date is shown in a human-readable format. Invalid or malformed tokens show an error.