JWT Decoder
Paste a JWT to decode and inspect the header, payload, and signature. Runs entirely in your browser - tokens are never transmitted.
Token Structure
. .
Header Payload Signature
Header
Payload
Signature
The signature cannot be verified without the secret key. This tool only decodes the token - it does not validate the signature.
What is a JWT?
A JSON Web Token (JWT) is a compact, URL-safe token used for authentication and information exchange. It consists of three Base64URL-encoded parts: a header (algorithm), payload (claims), and signature. JWTs are widely used in REST APIs, OAuth 2.0, and single sign-on systems.