Decode and inspect JSON Web Tokens without verification
This tool decodes JWTs without signature verification. Do not use for security validation.
Decoded token will appear here...
Encode and decode Base64 strings
Format, validate, and minify JSON data with syntax highlighting
Generate MD5, SHA-1, SHA-256, SHA-384, SHA-512 hashes
Encode and decode URLs and query strings
JWT Decoder is a free online tool that decodes JSON Web Tokens (JWTs) and displays their header, payload, and signature in a readable format. JWTs are widely used for authentication and authorization in web applications. This tool parses the three parts of a JWT (header.payload.signature), decodes the Base64URL-encoded header and payload, and shows the contents as formatted JSON. It also extracts common claims like issued-at time and expiration time, and tells you whether the token is expired. Note that this tool decodes without verifying the signature. All processing happens in your browser.