Developer Tools

JWT Decoder

Decode JWT header and payload claims for debugging.

Last validated: 2026-02-14

JWT Decoder parses JSON Web Tokens into header and payload so you can inspect claims without external tooling. It is helpful for API debugging, auth integration checks, and validating fields like `iss`, `aud`, `sub`, and `exp`. This tool is read-only and focused on visibility: it helps you confirm what is inside a token and whether timestamps/claims look correct. It does not verify signatures, so treat it as an inspection aid, not an authentication decision engine.

Permalink

Input Pattern

Enter values in the left panel, keep units explicit, run the calculation, then copy or share the result. Invalid fields are highlighted immediately.

JWT Input

Decodes header and payload only. Signature is not verified.

Decoded Output

Signature length: 43

Signature preview: SflKxwRJSMeKKF2QT4fwpMeJ...

Header

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload

{
  "sub": "1234567890",
  "name": "ToolPatch",
  "iat": 1700000000,
  "exp": 1900000000
}

Registered Claims

Claim	Value	Interpreted
sub	1234567890	-
iat	1700000000	2023-11-14T22:13:20Z
exp	1900000000	2030-03-17T17:46:40Z

How to use this tool

Paste the full JWT string (three dot-separated segments) into the input field.
Run the decoder and inspect header and payload claims in the output.
Verify expected issuer, audience, and expiration values against your auth configuration.

Worked Example

Auto-generated from the tool's current default or entered inputs.

Example Inputs

Token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IlRvb2xQYXRjaCIsImlhdCI6MTcwMDAwMDAwMCwiZXhwIjoxOTAwMDAwMDAwfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
Header pretty: { "alg": "HS256", "typ": "JWT" }
Payload pretty: { "sub": "1234567890", "name": "ToolPatch", "iat": 1700000000, "exp": 1900000000 }
Signature preview: SflKxwRJSMeKKF2QT4fwpMeJ
Signature length: 43

Expected Outputs

Signature length: 43
Registered claims 1 value: 1700000000
Registered claims 2 value: 1900000000

Interpretation

Signature length is 43. Use this as a decision input, not as a standalone conclusion.
Registered claims 1 value is 1700000000. Use this as a decision input, not as a standalone conclusion.
Registered claims 2 value is 1900000000. Use this as a decision input, not as a standalone conclusion.
Cross-check the result against one alternate input set to validate sensitivity.

Scenario Compare (A vs B)

Use this to compare two input sets and quantify change in key outputs.

Scenario A

Token

Header pretty

Payload pretty

Signature preview

Signature length

Scenario B

Token

Header pretty

Payload pretty

Signature preview

Signature length

Explore more versions

Tailored guides for specific audiences, regions, and scenarios.

core

Developer security tools

Promote API testing tools, identity providers, and secure token management products.

JWT Decoder

Input Pattern

JWT Input

Decoded Output

Header

Payload

Registered Claims

How to use this tool

Worked Example

Example Inputs

Expected Outputs

Interpretation

Scenario Compare (A vs B)

Scenario A

Scenario B

Explore more versions

JWT Decoder

JWT Decoder for Germany

JWT Decoder for United Kingdom

JWT Decoder for United States

JWT Decoder for Freelancers

JWT Decoder for Small Business

Developer security tools