JWT Decoder
Paste a JSON Web Token to decode its header, payload, and inspect claims.
Decoded token will appear here
What is a JWT?
A JSON Web Token (JWT) is a compact, URL-safe token format defined in RFC 7519. It consists of three Base64URL-encoded parts separated by dots: a header (algorithm and token type), a payload (claims such as user identity and expiry), and a signature used to verify authenticity.
Header
Describes the token type (JWT) and signing algorithm, e.g. HS256 or RS256.
Payload
Contains claims: registered ones like exp, iat, sub, plus any custom application data.
Signature
Ensures the token hasn't been tampered with. Verified server-side using the secret or public key.