A JSON Web Token (JWT) is a compact, URL-safe token format used for securely transmitting information between parties. It consists of three Base64URL-encoded parts: header, payload, and signature.

Does this tool verify the signature?

No. This is a client-side decoder that shows you the header and payload contents. Signature verification requires the signing key, which should never be shared in a browser tool.

Yes. The token is decoded entirely in your browser. It is never sent to any server or stored anywhere.

What does the expiration status show?

If the payload contains an 'exp' claim, the tool compares it to the current time and shows whether the token is still valid or has expired, along with the expiration date.

JWT Decoder

Paste a JSON Web Token to instantly view its decoded header, payload, and expiration status.

JWT Token

How to Use JWT Decoder

Step 1

Paste your JWT token into the input field.

Step 2

The header and payload are decoded automatically.

Step 3

Check the expiration status if the token has an exp claim.

Step 4

Copy individual sections as needed.

Features

Instant decoding of JWT header and payload.

Expiration status with human-readable date.

Formatted JSON output for easy reading.

No signature verification — your secret key stays safe.

Completely client-side with no server requests.

FAQ

: A JSON Web Token (JWT) is a compact, URL-safe token format used for securely transmitting information between parties. It consists of three Base64URL-encoded parts: header, payload, and signature.
: No. This is a client-side decoder that shows you the header and payload contents. Signature verification requires the signing key, which should never be shared in a browser tool.
: Yes. The token is decoded entirely in your browser. It is never sent to any server or stored anywhere.
: If the payload contains an 'exp' claim, the tool compares it to the current time and shows whether the token is still valid or has expired, along with the expiration date.