JWT Decoder Online
Decode and inspect JSON Web Tokens (JWT) safely in your browser. View headers, payloads, and signatures without exposing sensitive tokens.
Algorithm
Encoded (JWT Token)
Header: Algorithm & Token Type
Invalid JSON in Header
Payload: Data / Claims
Invalid JSON in Payload
Verify Signature
HMACSHA256(
base64UrlEncode(header) + "." + base64UrlEncode(payload),
Public Key (PEM)
Private Key (PEM, optional for signing)
)
Anatomy of a JWT
A JSON Web Token consists of three parts separated by dots: Header (metadata), Payload (claims), and Signature (verification).
Local Token Parsing
Traditional decoders send JWTs to their backend. Our tool decodes client-side to ensure your authentication tokens remain completely confidential.
Frequently Asked Questions
- Yes, you can edit the JSON headers or payloads, and the tool will automatically re-sign them locally if keying is configured.