Decode JWT Online
Paste a JSON Web Token and view its header and payload. Signature validation is optional.
JWT Decoder FAQ
What is a JWT? +
A JSON Web Token (JWT) is a compact, URL-safe way of representing claims between two parties. It usually consists of a header, payload, and signature.
Are JWTs encrypted? +
No, JWTs are signed for integrity but not encrypted by default. Anyone with the token can read the header and payload.
Can this tool validate signatures? +
This tool only decodes JWTs. Signature verification requires the secret or public key and should be done server-side.
Is my token safe here? +
Yes. All decoding runs in your browser. Tokens are never uploaded to our servers.
What are common uses of JWTs? +
They are widely used for authentication, API authorization, and securely transmitting user claims between systems.