Skip to main content

JWT Decoder

·145 words·1 min
Jack Warner
Author
Jack Warner
A little blog by me

Paste your JWT token below to decode and inspect its header, payload, and signature. This tool runs entirely in your browser, no data is sent to any server.

What is a JWT?
#

A JSON Web Token (JWT) is a compact, URL-safe way to represent claims between two parties. It consists of three parts:

  1. Header - Contains the token type and signing algorithm
  2. Payload - Contains the claims (user data, permissions, etc.)
  3. Signature - Verifies the token hasn’t been tampered with

Common JWT Claims
#

ClaimNameDescription
issIssuerWho issued the token
subSubjectThe user/entity the token represents
audAudienceIntended recipient of the token
expExpirationWhen the token expires (Unix timestamp)
nbfNot BeforeToken not valid before this time
iatIssued AtWhen the token was issued
jtiJWT IDUnique identifier for the token