How to Decode a JWT Token
Decode and inspect JWT tokens instantly. View header, payload, claims, and expiration. Free JWT decoder with signature verification.
Open JWT Decoder →Step-by-Step Guide
1
Paste your JWT
Copy the full JWT token (the long string starting with "eyJ...") and paste it into the input field.
2
View decoded parts
The tool instantly splits the JWT into its three parts: header (algorithm info), payload (claims and data), and signature.
3
Inspect claims
See all claims clearly: subject (sub), issuer (iss), expiration (exp) with human-readable timestamps, and any custom claims.
4
Check expiration
The tool highlights whether the token is expired or still valid, showing the exact expiration date and time remaining.
Try It Now — Free
No signup, no download. Runs entirely in your browser.
Open JWT DecoderFrequently Asked Questions
Is it safe to paste my JWT here?
Yes. Decoding happens entirely in your browser. The token is never sent to any server. However, never share JWTs publicly as they may contain sensitive claims.
Can it verify JWT signatures?
The tool decodes and displays the signature. For full verification, you need the signing key (secret or public key), which you can optionally provide.
What is a JWT used for?
JSON Web Tokens are used for authentication and authorization. After login, a server issues a JWT that the client sends with each request to prove identity.