Paste your JWT token below to decode and inspect its header, payload, and signature. This tool runs entirely in your browser, no data is sent to any server.
What is a JWT? #
A JSON Web Token (JWT) is a compact, URL-safe way to represent claims between two parties. It consists of three parts:
- Header - Contains the token type and signing algorithm
- Payload - Contains the claims (user data, permissions, etc.)
- Signature - Verifies the token hasn’t been tampered with
Common JWT Claims #
| Claim | Name | Description |
|---|---|---|
iss |
Issuer | Who issued the token |
sub |
Subject | The user/entity the token represents |
aud |
Audience | Intended recipient of the token |
exp |
Expiration | When the token expires (Unix timestamp) |
nbf |
Not Before | Token not valid before this time |
iat |
Issued At | When the token was issued |
jti |
JWT ID | Unique identifier for the token |