JWT Decoder

Decode and verify JSON Web Tokens locally. Private by design—everything runs in your browser.

About this tool

This decoder splits your JWT into header, payload, and signature. It Base64URL-decodes the first two parts and pretty-prints the JSON. Verification (optional) recreates the signing input (header.payload) and checks the signature locally using the Web Crypto API.

Verification support

  • HS256 (HMAC SHA-256) with a secret string.
  • RS256 (RSA PKCS#1 v1.5 + SHA-256) with a PEM public key (BEGIN PUBLIC KEY or BEGIN RSA PUBLIC KEY).
  • Other algorithms will decode fine but show as “not supported” for verification.

Time claim helpers

If present, exp, nbf, and iat are interpreted as UNIX seconds and summarized with status chips (valid/expired/not yet valid).

Privacy

100% client-side. No network requests are made after page load. For sensitive tokens, prefer using this page offline (File → Save As) or the offline bundle.

5 Fun Facts about JWTs

Base64url ≠ encryption

A JWT’s header and payload are just base64url text—anyone can read them. Only the signature proves integrity.

Plain sight

Header is part of the signature

Change alg or kid and the signature breaks. The header is signed along with the payload.

Tied together

“None” was once allowed

The infamous "alg":"none" tokens skipped signatures. Modern libraries reject them, but decoders still reveal the claim.

Legacy quirk

Key hints ride in kid

A kid (key ID) header tells the server which public key to try. Without it, a verifier may have to try every key it holds.

Key roulette

Clock skew matters

Claims like exp and nbf usually get a few seconds of leeway. A fast/slow laptop clock can flip a token from valid to expired.

Time wobble
