JWT Decoder for Header, Payload, and Claims Viewer

Inspect JSON Web Token header, payload, and registered claims without treating the token as trusted.

Paste a JSON Web Token to inspect its Base64 URL decoded header and payload. Use the output for debugging and review only; this tool does not verify signatures, issuers, audiences, or token trust.

How it works

The tool displays the token header and payload as formatted JSON. Numeric iat, exp, and nbf values are also shown as UTC ISO dates when present.

The signature segment is not checked. A decoded token can still be expired, forged, from an unexpected issuer, sent to the wrong audience, or signed with an untrusted key. Use your application or identity provider to validate tokens before trusting them.

The decode step runs locally in the browser, but tokens can contain sensitive identifiers. Avoid pasting production bearer tokens unless you understand the risk.

References

Keep the flow going

More tools to try

Jump into another Nerdmosis shortcut picked from the toolbox.

Base100 Emoji Encoder and Decoder for UTF-8 Text Encode and decode Adam Niederer's Base100 emoji format locally in your browser. SHA-256 Hash Generator for 64-Character Hex Digests Generate a SHA-256 hash of a string of text. Keccak-256 Hash Generator for 64-Character Hex Digests Generate a Keccak-256 hash of a string of text. Decimal Encoder and Decoder for UTF-8 Byte Values Encode and decode decimal byte values using an online tool.