JWT Decoder

Decode JWT tokens online without verifying signatures. Paste a token, inspect the header and payload JSON, and copy decoded claims for debugging.

1. Enter your input

Paste text, code, data, or the value you want to inspect.

2. Run the tool

Format, encode, decode, validate, test, or generate the result instantly.

3. Copy the output

Use the cleaned result in your code, docs, API workflow, or notes.

{
  "alg": "HS256",
  "typ": "JWT"
}

{
  "sub": "1234567890",
  "name": "UtilFlow",
  "iat": 1516239022
}

This tool decodes header and payload only. It does not verify signatures.

Related tools

Useful next steps

Base64 Encode/DecodeEncode and decode Base64 strings URL ParserParse URLs and inspect query parameters JSON FormatterFormat, validate, minify, and copy JSON data JavaScript FormatterFormat and beautify JavaScript code online Base64 Image EncoderConvert images to Base64 data URLs URL Encode/DecodeEncode and decode URL parameters

When to decode a JWT

JWT decoding helps inspect authentication claims, API tokens, expiration fields, user IDs, scopes, and debugging payloads without sending the token to a server.

JWT Decoder FAQ

Does this verify the JWT signature?

No. It decodes the header and payload only. Signature verification requires the correct secret or public key.

Is JWT decoding the same as decrypting?

No. Most JWT payloads are Base64URL encoded, not encrypted. Avoid pasting sensitive production tokens into tools you do not control.

What fields should I check?

Common fields include exp, iat, sub, iss, aud, scope, roles, and any custom claims used by your application.