JWT Decoder

Decode and inspect JSON Web Tokens. View header, payload, expiration, issuer, and verify signatures with HMAC secrets.

Developer Tools

JWT (Encoded)

Common use cases

Inspect JWT contents during API debugging
Verify token signatures against a known secret
Check token expiration and claims
Debug authentication issues

Frequently asked questions

Is decoding the same as verifying?

No. Anyone can decode a JWT — the payload is just Base64URL. Verification requires the secret/public key and proves the token was issued by a trusted source.

Is my JWT sent to your server?

Decoding happens entirely in your browser. Signature verification (if you provide a secret) sends only the signing inputs to our server, which discards them immediately.

Related tools

🔐

Encoding Tools (Base64, Hex, Binary, URL, ROT13)