Parses JWT structure: three base64url-encoded parts separated by dots (header.payload.signature). Decodes each part and pretty-prints the JSON. Supports both HS256 (HMAC-SHA256) and RS256 (RSA-SHA256) signature verification—paste your token and secret key/public key to verify. Shows token expiration time, issuer, and all standard claims.
JWT Decoder
Decode and verify JWT tokens instantly. View header, payload, and signature. Check token expiration. Free online JWT decoder for developers.
Frequently Asked Questions
Quick answers to common questions
What is a JWT token and how does it work?
JWT (JSON Web Token, RFC 7519) is a compact, URL-safe means of representing claims to be transferred between two parties. It's commonly used for authentication and authorization in web applications. Structure: JWTs consist of three parts separated by dots: header.payload.signature. Each part is Base64URL-encoded. Header (algorithm & token type): {"alg":"HS256","typ":"JWT"}—specifies the signing algorithm (HS256, RS256, ES256, etc.) and token type. Payload (claims): contains statements about an entity (typically the user) and additional metadata. Standard claims include: iss (issuer), sub (subject/user ID), aud (audience), exp (expiration time), nbf (not before), iat (issued at), jti (JWT ID). Signature: used to verify the message wasn't changed along the way. For HMAC algorithms, secret = HMACSHA256(base64UrlEncode(header) + "." + base64UrlEncode(payload), secret). For RSA/ECDSA, sign with private key, verify with public key. Our decoder parses all three parts, validates Base64URL encoding, checks expiration claims, and displays the content in a human-readable format. Common use case: After user logs in, server creates JWT with user ID and claims, client stores JWT (localStorage/cookie), client sends JWT in Authorization header for subsequent requests, server validates signature and extracts claims.
How do I decode and inspect a JWT token?
Simply paste your JWT token into the input area. The tool will automatically decode and display: Header section—algorithm (alg), token type (typ), key ID (kid) if present. Payload section—all claims decoded from Base64URL, standard claims highlighted (iss, sub, exp, iat, nbf, aud), custom claims displayed with their values, timestamps shown in both Unix epoch and human-readable UTC format. Signature section—the encoded signature as received, verification status (requires secret key for full verification). Color coding: valid tokens (green), expired tokens (yellow), invalid structure (red), signature verification results. The tool works entirely in your browser using JavaScript's atob() and TextDecoder for Base64URL decoding. It handles both padded and unpadded Base64URL strings. Example token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
Is it safe to decode JWT tokens online? What about security and privacy?
Yes, decoding JWTs is safe because JWTs are not encrypted—they're encoded, not encrypted. Anyone who possesses a JWT can read its payload simply by Base64-decoding it. Our tool adds safety: all decoding happens locally in your browser using client-side JavaScript, your tokens are never sent to any server, no data leaves your device, tool works offline after initial page load, HTTPS ensures the tool itself hasn't been tampered with. Security best practices: never share tokens containing sensitive information via untrusted channels, be cautious when pasting tokens with PII (personally identifiable information) or secrets, remember that the payload is readable by anyone—don't store sensitive data in JWT claims, use HTTPS always when transmitting tokens, validate tokens server-side even if client checks expiration, implement short expiration times (15-30 minutes for access tokens), use refresh tokens for long-term sessions, never include passwords or API secrets in JWT payloads. Our tool is safe for debugging and development but consider using offline tools for production tokens with highly sensitive data.
Can I verify if a JWT token signature is valid?
Our decoder shows token structure and expiration but has limitations: Decoding vs verification—we can decode any JWT without a key, but signature verification requires the original secret. What we show: token expiration (exp claim) compared to current time, token age (iat claim) showing when it was issued, not-before time (nbf claim) if present, algorithm used (alg) to verify it's expected (avoid 'none' algorithm). What we can't verify without your secret: cryptographic signature integrity, whether the token was tampered with, authenticity of the issuer. For full verification, you need: For HS256 (HMAC with SHA-256): the shared secret string used by the server to sign the token. For RS256/RS384/RS512 (RSA): the public key or certificate from the issuer. For ES256/ES384/ES512 (ECDSA): the public key from the issuer. Verification process: decode header and payload, reconstruct the signature verification input, compute expected signature using the key/secret, compare with received signature. Always verify tokens server-side in production—client-side checks are easily bypassed.
What are the different JWT algorithms and which should I use?
JWT supports multiple signing algorithms with different security properties: HS256 (HMAC with SHA-256)—symmetric, shared secret, fastest, simplest, best for: service-to-service communication, internal microservices, cases where you control both parties. HS384/HS512—stronger HMAC variants, rarely needed, SHA-384/SHA-512 instead of SHA-256. RS256 (RSA Signature with SHA-256)—asymmetric, public/private key, best for: third-party authentication, identity providers (Auth0, Firebase, Okta), scenarios where token issuer and verifier are different parties. RS384/RS512—stronger RSA variants, larger signatures, slower verification. ES256 (ECDSA using P-256 and SHA-256)—asymmetric, smaller signatures than RSA, best for: mobile apps (smaller token size), IoT devices with limited bandwidth, environments where signature size matters. EdDSA (Ed25519 signature)—modern, fast, secure, small signatures, increasingly recommended over ECDSA. none (unsigned)—DANGEROUS, never use in production,任何人can forge tokens. Recommendation: Use HS256 for simple apps with trusted parties. Use RS256 or ES256 for public-facing applications with third-party access. Avoid 'none' algorithm entirely. Our decoder identifies the algorithm and warns if 'none' is detected.
What are standard JWT claims and what do they mean?
Standard claims (registered claims) provide interoperability and defined behavior: iss (issuer)—identifies the principal that issued the JWT (e.g., 'https://auth.example.com'). sub (subject)—identifies the principal that is the subject of the JWT (e.g., user ID '1234567890'). aud (audience)—identifies the recipients that the JWT is intended for (e.g., ['api.example.com']). exp (expiration time)—identifies the expiration time on or after which the JWT MUST NOT be accepted for processing (NumericDate). nbf (not before)—identifies the time before which the JWT MUST NOT be accepted for processing. iat (issued at)—identifies the time at which the JWT was issued (NumericDate, Unix timestamp). jti (JWT ID)—provides a unique identifier for the JWT, can be used to prevent replay attacks. Custom claims: application-specific data like user roles, permissions, profile data. Example payload: {"iss":"https://auth.example.com","sub":"1234567890","aud":["api.example.com"],"exp":1516239022,"nbf":1516239022,"iat":1516239022,"jti":"abc123","name":"John Doe","role":"admin"}. Our decoder highlights standard claims and displays custom claims separately.
How do I handle JWT expiration and token refresh?
JWT expiration (exp claim) is critical for security. Our decoder shows: expiration timestamp in both Unix epoch and human-readable format, time until expiration (e.g., 'expires in 5 minutes'), expired status if current time > exp. Best practices for token lifecycle: Access tokens—short-lived (15-30 minutes), contain minimal claims, used for API authentication. Refresh tokens—long-lived (days/weeks), stored securely (httpOnly cookie), used to obtain new access tokens, can be revoked. Rotation strategies: automatic refresh before expiration (when 75% of lifetime elapsed), silent refresh in background, force reauthentication if refresh token expires. Implementation flow: 1) User authenticates with credentials, 2) Server issues access token (15 min) + refresh token (7 days), 3) Client uses access token for API calls, 4) Before access token expires, client uses refresh token to get new access token, 5) If refresh token expires, user must re-authenticate. Security considerations: store tokens securely (httpOnly cookies preferred over localStorage), implement token revocation for logout, detect token theft by monitoring usage patterns, use short expiration to limit damage from leaked tokens. Our tool helps debug expiration issues by showing exact timestamps.
What are common JWT security vulnerabilities and how do I prevent them?
Common JWT vulnerabilities and mitigation: None algorithm attack—attacker sets alg to 'none' and removes signature, prevention: always verify alg is not 'none', reject tokens with 'none' algorithm. Algorithm confusion—attacker converts RS256 token to HS256 and signs with public key, prevention: explicitly validate algorithm matches expectation, don't support multiple algorithms for same key. Weak keys—short secrets for HS256 make brute-force possible, prevention: use secrets with >= 256 bits of entropy (32+ random characters), rotate secrets regularly. Token leakage—exposed in URLs, logs, or JavaScript, prevention: never pass tokens in URL parameters, sanitize logs to remove tokens, use httpOnly cookies instead of localStorage. Missing expiration—tokens never expire, allowing indefinite access, prevention: always set exp claim, use short expiration times, implement refresh token rotation. Replay attacks—captured tokens reused, prevention: use jti claim for unique identifiers, maintain token blacklist for revoked tokens, implement short expiration. Timing attacks—signature verification timing varies, prevention: use constant-time comparison for signature verification. Our decoder helps identify vulnerabilities by: warning if 'none' algorithm detected, showing missing exp claims, displaying weak algorithm choices, highlighting unusual payload structures.
View Complete Guide & Tutorials
Explore advanced techniques and best practices
Use Cases
Discover how to integrate this tool into your workflow
API Debugging
Inspect JWT payloads from API responses.
- Decode auth tokens
- Verify user claims
- Check token expiration
- Debug authentication flow
Security Testing
Validate JWT signatures and detect tampering.
- Signature verification
- Algorithm confusion testing
- Claim validation
- Token security audit
Development
Understand JWT structure for implementation.
- Learn JWT format
- Test token generation
- Debug OAuth flows
- Inspect ID tokens
About This Tool
JWTs (JSON Web Tokens) look like gibberish until you decode them. This tool splits them into header, payload, and signature—no server needed, which is important because JWTs often contain sensitive info. Debug your auth tokens, see what claims are inside, verify signatures (if you have the secret key). Saved me tons of time debugging authentication flows.
Technical Details
Algorithm
JWT structure: Header (algorithm and token type), Payload (claims/data), Signature (HMAC or RSA). Each part is base64url-encoded. Signature is created by signing header.payload with a secret (HMAC) or private key (RSA). Verification uses the same key to recreate the signature and compare it. If they match, the token hasn't been tampered with. Expiration (exp claim) is validated separately.
Privacy Commitment
🔒 **Privacy First**: Unlike server-based tools, AI-TOL processes everything locally in your browser - your data never leaves your device. No uploads, no tracking, completely private.