JWT Decoder Online
Decode any JSON Web Token (JWT) instantly. View the header algorithm, payload claims (exp, iat, sub), and validate structure - all in your browser, no data sent to any server.
JWT Decoder & Debugger
-Parse JSON Web Tokens, inspect claims, and scan for common security vulnerabilities
Auto-Extract from Terminal
You can copy entire terminal commands, shell scripts, or cURL requests containing a JWT and paste them directly. The tool will automatically detect and extract the token.
curl -H "Authorization: Bearer eyJhbG..." "Authorization" = "Bearer eyJhbG..." set JWT=eyJhbG... // Paste a token to inspect... // Paste a token to inspect... What is a JWT Token?
A JSON Web Token (JWT) is a compact, URL-safe token format used
for authentication and information exchange. It consists of three
Base64URL-encoded parts separated by dots: header.payload.signature.
How to Decode a JWT
- Paste your JWT token into the input field above
- The decoder instantly splits and Base64URL-decodes each part
- View header (algorithm, token type), payload (claims), and signature
-
Check expiry time (
exp) and issued-at (iat) in human-readable format
Common JWT Claims
iss Issuer
sub Subject
aud Audience
exp Expiration time
iat Issued at
jti JWT ID