JWT Decoder

Decode JWT header and payload instantly. No signature verification.

Header

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload

{
  "sub": "dev-user",
  "role": "developer",
  "iat": 1700000000,
  "exp": 1700003600
}
This tool only decodes base64url data. It does not validate the signature or token claims.
/api/jwt-decode?token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJkZXYtdXNlciIsInJvbGUiOiJkZXZlbG9wZXIiLCJpYXQiOjE3MDAwMDAwMDAsImV4cCI6MTcwMDAwMzYwMH0.dummysignature

Guide

JWT Decode Guide

Decode JWT header and payload for debugging tokens in development. This tool does not verify signatures.

How It Works

  • Paste the full JWT token.
  • View decoded header and payload instantly.
  • Copy JSON for inspection or debugging.

Practical Tips

  • Never paste real production secrets.
  • Verify signatures on your server, not here.
  • Check exp and iat fields to debug expiry.

FAQs

Is the signature validated?

No, it only decodes base64 content.

Does it support JWE?

No, encrypted tokens are not supported.

Can I use the API?

Yes, the endpoint returns decoded JSON.