Developer
JWT Decoder
Decode and inspect JSON Web Tokens. See the header, payload, and signature instantly. Local-only.
Frequently asked questions
Is decoding a JWT secure?
This tool decodes locally in your browser, so your token never leaves your device. But remember: a JWT is base64 — anyone who reads it can decode it. Don’t share tokens.
Does this verify the signature?
No. Signature verification needs the secret/key. This tool decodes and displays the parts.
What does each claim mean?
iss = issuer, sub = subject, aud = audience, iat = issued at, exp = expiration, nbf = not before. These are standard RFC 7519 claims.