security notice
This tool decodes JWTs without validation. Never share sensitive tokens. All processing happens locally in your browser.
header
payload
signature
ⓘ Signature verification requires the secret key (not shown)
about jwt tokens
• JWT (JSON Web Token) is a compact, URL-safe token format
• Structure: header.payload.signature (Base64URL encoded)
• Header contains algorithm and token type
• Payload contains claims (user data, expiration, etc.)
• Signature verifies token integrity (requires secret key)