JWT Decoder
Decode JSON Web Tokens and inspect the header, payload, and signature. Paste any JWT to see claims, expiry, issuer, and algorithm — no secret key needed to decode.
Header
{
"alg": "HS256",
"typ": "JWT"
}Payload
{
"sub": "123",
"name": "John",
"iat": 1516239022
}How to use the jwt decoder
Paste a JWT (three Base64URL segments separated by dots). Header and payload decode locally — the signature is shown but not verified.
Formula & explanation
JWT = base64url(header) + '.' + base64url(payload) + '.' + signature. Header and payload are JSON.
Examples
A typical JWT header is { alg, typ }; payload is { sub, iat, exp, ... }.
Frequently asked questions
- Does this verify the signature?
- No. Verifying needs the secret/public key, which would be a security risk to enter into a public web tool.
Related developer tools tools
- JWT GeneratorSign JSON Web Tokens with HS256, HS384, or HS512. Set custom claims, expiry, and issuer — then copy the signed token for use in API testing or auth flows.
- URL Encoder/DecoderPercent-encode and decode URLs and query string values. Handles full URLs or individual components — paste any URL to encode special characters or decode percent-encoded strings.
- Base64 Encoder/DecoderEncode text or binary data to Base64 and decode Base64 strings back to text. Supports standard and URL-safe Base64. Useful for data URIs, API tokens, and email attachments.
- URL ParserDecompose any URL into its components — protocol, host, port, path, query parameters, and fragment. Great for debugging redirect chains, API endpoints, and UTM parameters.
- HTML Entities EncoderEncode text to HTML entities and decode entities back to text. Converts angle brackets, ampersands, quotes, and other special characters to safe equivalents for use in HTML templates and CMS workflows.
- Cron Expression Parser — Explain & Preview RunsExplain any cron expression in plain English and preview the next run times. Supports 5-field crontab, 6-field, and @hourly/@daily/@weekly shortcuts. Free, no signup.