JWT Decoder
Paste a JWT to instantly decode its header, payload, and signature. Validates expiry and renders all standard claims in human-readable form.
Token status:
Header
Decoded header will appear here.
Payload
Decoded payload will appear here.
Signature
Signature (Base64url) will appear here.
Claims Helper
Standard registered claims decoded to human-readable values.
Tokens are decoded locally; nothing is sent anywhere.
Summary
Paste a JWT to instantly decode its header, payload, and signature. Validates expiry and renders all standard claims in human-readable form.
How it works
- Paste your JWT token into the input field at the top of the page.
- Click "Decode Token" or wait for the live preview to update automatically.
- Review the Header, Payload, and Signature panels with syntax-highlighted JSON.
- Check the Claims Helper section for human-readable dates for exp, iat, and nbf.
- Read the expiry status badge to see whether the token is currently valid, expired, or not yet active.
- Use the copy buttons on each panel to copy individual sections to your clipboard.
Use cases
- Debug authentication issues by inspecting JWT claims during API development.
- Verify token expiry and issue times when troubleshooting OAuth or OpenID Connect flows.
- Inspect third-party JWTs to understand their structure and claims without writing code.
Frequently Asked Questions
Last updated: 2026-06-09 ·
Reviewed by Nham Vu