JWT Decoder

Paste a JWT to see the decoded header and payload (pretty-printed JSON), plus expiry status. Browser-only — your token never leaves your device.

100% in your browser. Files never uploaded.

JWT

How to use

1
Paste a JWT
Three dot-separated Base64URL parts.
2
Read the decoded header and payload
Pretty-printed JSON. Expiry is highlighted if present.
3
Copy any section
One click per section.

FAQ

Is the token uploaded?

No. JWT decoding happens entirely in your browser using the native atob/TextDecoder. The token never leaves your device — important since JWTs often carry session credentials.

Does it verify the signature?

No — V1 only decodes. Signature verification requires the secret or public key, which is sensitive enough to merit its own tool. On the roadmap.

Related tools

Base64 Encode / Decode
Encode text to Base64 or back.
JSON Formatter
Pretty-print, validate, or minify JSON.