JWT Decoder

⚠️ This only decodes the token. It does not verify the signature.
🔒 Decoding runs locally in your browser. The token is never sent to a server.

🔒 Privacy: Inputs remain on your device and are not sent to a server.

JWT Decoder

Paste a JWT and decode its header and payload into readable JSON. This tool does not verify the signature.

What is a JWT and how to decode it

A JWT (JSON Web Token) is a common format for passing verifiable claims between servers and clients, made of three dot-separated parts: header, payload, and signature. This tool decodes the first two parts into readable JSON — it does not verify the signature, since that requires the secret key used by the issuing server.

Frequently Asked Questions

Does this tool verify the JWT’s signature?

No. It only decodes the header and payload. Verifying the signature requires the secret key, which this tool never receives and doesn’t need.

Is my token sent to a server?

No. Decoding happens entirely in your browser.

What exactly is a JWT?

A JWT (JSON Web Token) is a common format for passing verifiable claims between servers and clients, made of three dot-separated parts: header, payload, and signature.