Developer Tools

JWT Decoder

Paste a JSON Web Token and instantly see the decoded header, payload, and signature breakdown. The decoder shows all claims, checks the expiry timestamp, and explains the algorithm, without sending your token anywhere.

Decodes header & payload Sensitive, browser-only, no logging Shows expiry status
JWT Token

Paste a JWT token above to decode it

Decoded locally in your browser; your JWT token is never sent anywhere

Features

  • Decodes JWT header, payload, and signature sections
  • Shows all claims including exp, iat, sub, aud in readable format
  • Expiry check, highlights if the token is expired
  • Algorithm and token type shown prominently
  • Timestamp claims converted to human-readable dates
  • Token never sent to any server, decoded locally

How to use it

  1. Paste your JWT (the full eyJ... string) into the input.
  2. Header and payload sections appear decoded immediately.
  3. Check the expiry panel to see if the token is still valid.
  4. Review claims to debug auth issues or inspect token contents.

Use cases

  • Debugging authentication issues in development
  • Inspecting what claims a third-party token contains
  • Checking token expiry without running code
  • Reviewing access scopes in OAuth2 tokens

Limitations

  • JWTs can contain sensitive data. This tool decodes only and does not verify signatures.
  • Very large input can be slower on older devices.
  • This utility is designed for common snippets and local inspection, not as a full security or language-specific validator.
See also

Related tools

Dev Browser

Base64 Encode Decode

Encode text to Base64 or decode Base64 to plain text instantly in your browser. Supports standard and URL-safe Base64, Unicode, and binary-safe encoding.

Use tool
Dev Browser

JSON Formatter

Format and beautify JSON online. Paste minified or messy JSON and get clean, 2-space indented output with syntax validation, instant, in-browser, no upload.

Use tool
Dev Browser

URL Parser

Parse any URL into its components: protocol, host, port, path, query parameters, and hash fragment, instantly in your browser.

Use tool
Dev Browser

JSON Validator

Validate JSON syntax online with exact error messages. Get line number, column, and a human-readable explanation for every JSON error, processed in your browser.

Use tool
Dev Browser

JSON Minifier

Minify JSON by removing all whitespace and line breaks. Paste pretty JSON, get compact JSON for APIs, payloads, and config files. Browser-only, free.

Use tool
Dev Browser

Regex Tester

Test and debug regular expressions online. Paste your pattern and test string to see all matches highlighted, with capture groups listed and flags explained.

Use tool
Questions & answers

Frequently asked

Does it verify the JWT signature?

No, signature verification requires the secret key or public key, which you should never enter into a web tool. This tool only decodes the visible parts.

Is it safe to paste production JWTs here?

The token is decoded entirely in your browser and never uploaded. However, for production secrets you should treat tokens with the same caution as passwords.