JWT Decoder
Decode JWT header and payload and show expiry status without validating the signature.
JSON FormatJSON ValidateBase64URL EncodeTimestampUUIDJWT DecodeHashRegexHTML EntitySQL FormatYAML to JSONJSON to YAML
Settings
This tool does not need extra parameters. Enter content and process it directly.
Input
Type or paste content directly. Processing stays in the browser whenever possible.
Example data
Output
Process some input and the result will appear here.
Process some input and the result will appear here.
How to use
Paste the full JWT string.
Decode the token to inspect the header and payload.
Note the warning: this tool decodes only and does not validate the signature.
Best for
Inspect auth tokens during login or session debugging.
Quickly inspect fields like exp, sub, and aud.
Check token contents stored in the frontend.
FAQ
Does it verify signatures?
No. The first version only decodes and displays the token.
How is expiry determined?
If exp is present in the payload, the page compares it with the current browser time.
Will invalid tokens show an error?
Yes. Invalid structure or malformed base64url data produces a clear error.