JWT Decoder
Decode and inspect a JWT's header and payload, with expiry checks — all in your browser.
About JWT Decoder
Paste a JSON Web Token to instantly decode its header and payload into readable JSON. The tool highlights issued-at, not-before and expiry times and flags expired tokens. Decoding is local — your token never leaves your device.
How to use JWT Decoder
- 1
Paste your JWT into the box.
- 2
Read the decoded header and payload as formatted JSON.
- 3
Check the issued/expiry notes to see if the token is still valid.
- 4
Copy any section you need.
Frequently Asked Questions
Does this verify the signature?
No. It only decodes the token so you can read its claims. Signature verification requires the secret/public key and should be done server-side.
Is my token sent anywhere?
No. Decoding happens entirely in your browser, which makes it safe for inspecting sensitive tokens.