Paste a JWT and decode its header and payload into readable JSON. This tool does not verify the signature.
What is a JWT and how to decode it
A JWT (JSON Web Token) is a common format for passing verifiable claims between servers and clients, made of three dot-separated parts: header, payload, and signature. This tool decodes the first two parts into readable JSON — it does not verify the signature, since that requires the secret key used by the issuing server.
Frequently Asked Questions
Does this tool verify the JWT’s signature?
No. It only decodes the header and payload. Verifying the signature requires the secret key, which this tool never receives and doesn’t need.
Is my token sent to a server?
No. Decoding happens entirely in your browser.
What exactly is a JWT?
A JWT (JSON Web Token) is a common format for passing verifiable claims between servers and clients, made of three dot-separated parts: header, payload, and signature.