JWT Decoder

Online JWT (JSON Web Token) decoder for parsing and verifying JWTs with pure frontend implementation

ENCODED

HEADER

Decoded JWT content will be displayed here

PAYLOAD

Payload content will be displayed here

VERIFY SIGNATURE

Enter the secret used to sign the JWT

Select the encoding format for the secret key

JWT Decoder Knowledge Base

What is JWT Decoding?

JWT decoding is the process of breaking down a JWT token into its components (Header, Payload, Signature) and displaying their contents. Decoding doesn't require a secret key since the Header and Payload parts of a JWT are just Base64-encoded JSON data.

JWT Structure Breakdown

Header: Contains token type (typ) and signing algorithm (alg) information

Payload: Contains claims such as user information, expiration time, etc.

Signature: Used to verify token integrity, requires secret key for verification

Common Payload Fields

  • iss (Issuer): Token issuer
  • sub (Subject): Token subject, usually user ID
  • aud (Audience): Token recipient
  • exp (Expiration): Token expiration time
  • iat (Issued At): Token issued time
  • nbf (Not Before): Token valid from time

Security Reminders

  • JWT Header and Payload parts are Base64 encoded and can be decoded by anyone
  • Don't store sensitive information in JWT, such as passwords or credit card numbers
  • Decoding JWT is not the same as verifying JWT - verification requires a secret key
  • Always check JWT expiration time and other important fields