JWT Decoder

A free JWT decoder that parses JSON Web Tokens in your browser and shows the header and payload as readable JSON. Optionally displays expiration (exp) and issued-at (iat) in local time. This tool does not verify the signature; it only decodes the token for inspection. No data is sent to any server.

Why Use This JWT Decoder?

• Quick inspection: Paste a token and see header and payload immediately.
• Expiration at a glance: Exp and iat claims are shown as human-readable dates.
• Private: Decoding happens entirely in your browser.
• No backend: Useful for local development and debugging auth flows.

Key Features

• Decode: Paste a full JWT (header.payload.signature) and click Decode.
• Header & payload: Both are shown as formatted JSON.
• Exp / iat: If present, expiration and issued-at are displayed in local time; expired tokens are marked.
• Signature: The signature part is shown as “not verified” (decode-only tool).

How it Works

The tool splits the JWT on the dot (.) into three parts. The first two parts are Base64URL-decoded (replacing – with + and _ with / and adding padding as needed), then run through atob and decoded as UTF-8. The result is parsed as JSON. The third part is displayed as-is. No cryptographic verification is performed.

Try the JWT Decoder

Paste your JWT into the text area and click Decode. Check the header, payload, and any expiration info. Everything runs in your browser.