Ad Slot · Leaderboard728×90Below the nav, above the fold.
Encoding · Security
JWT Decoder
Decode and inspect JSON Web Tokens — header, payload and signature — instantly and entirely in your browser.
Decoded locally — never sent anywhere
Encoded token
TOKEN STRUCTURE
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMDI0LWE5ZiIsIm5hbWUiOiJBZGEgTG92ZWxhY2UiLCJyb2xlIjoiYWRtaW4iLCJzY29wZSI6WyJyZWFkIiwid3JpdGUiXSwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE3MTgzMTk2MDB9.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
● header● payload● signature
Header
{
"alg": "HS256",
"typ": "JWT"
}Payload · claims
{
"sub": "1024-a9f",
"name": "Ada Lovelace",
"role": "admin",
"scope": [
"read",
"write"
],
"iat": 1516239022,
"exp": 1718319600
}Ad Slot · In-contentresponsive · 250px minReserve 250px min-height to prevent CLS.
Frequently asked
No. The entire decode happens in your browser — the token never leaves your machine and nothing is logged. You can go offline and it still works.
Decoding shows the header and payload without a secret. Signature verification is a separate, optional step you run locally with your key.
Any standard JWS with a base64url-encoded header and payload. Encrypted JWE tokens are flagged as not decodable without a key.
How to use
1
Paste your token into the input, or hit Load sample to try it.
2
The header and payload decode automatically as you type — no button press needed.
3
Copy either panel with one click, or read the color-coded token structure.