JWT Decoder
Paste a JWT to see its decoded header and payload, with expiry and issued-at times spelled out.
Runs 100% in your browser•Nothing is uploaded to a server•Free forever
Input
Decoding only — the signature is shown but never verified against a key.
About this JWT decoder
Paste any JSON Web Token and this tool splits it on its two dots, base64url-decodes the header and payload, and pretty-prints both as JSON. If the payload has iat, nbf, or exp claims, their Unix-timestamp values are also shown as human-readable dates, along with whether the token is currently expired. This is a decoder, not a verifier — the signature segment is displayed as-is so you can see it exists, but it is never checked against a key, so a decoded token here tells you nothing about whether the JWT is authentic. Nothing is uploaded; decoding happens entirely in your browser, which also means you can safely inspect tokens containing sensitive claims without them leaving your machine.