JWT Decoder

Decode and inspect JSON Web Tokens — header, payload, and signature

JWT Token

✓Valid — expires in 2282797h 49m (11/20/2286, 5:46:39 PM)

Header — Algorithm & Token Type

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload — Claims & Data

{
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022,
  "exp": 9999999999
}

Signature

SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

The signature cannot be verified client-side without the secret key. Never share your secret key.

Standard JWT Claims Reference

issIssuer — who issued the token

subSubject — who the token is about

audAudience — intended recipients

expExpiration — Unix timestamp

nbfNot Before — valid from this time

iatIssued At — creation timestamp

jtiJWT ID — unique identifier

algAlgorithm — signing algorithm (header)

❓JWT Decoder FAQ

🔗Related Tools

Base64 Encoder/Decoder

Encode and decode Base64 strings

Try this tool→

Hash Generator

Generate MD5, SHA1, SHA256, SHA512 hashes

Try this tool→

JSON Formatter

Format, validate, and beautify JSON with syntax highlighting

Try this tool→

Tip: Explore our complete toolkit to find more tools that can help with your workflow. Each tool is designed to work seamlessly with others for maximum productivity.

Disclaimer: A2ZKit's tools, calculators, cheat sheets, and articles are provided for general information and educational purposes only, on an "as is" basis without warranties of any kind. They are not financial, investment, tax, accounting, medical, health, or legal advice, and are not a substitute for a qualified professional. Results may be inaccurate or incomplete — verify independently and consult an appropriate professional before making any decision. Some tools process files — such as PDFs and images — entirely in your browser; you are responsible for keeping your own backups, and we are not liable for any data loss, file corruption, or inaccurate output. You use A2ZKit entirely at your own risk. By using the site you agree to our Terms of Service.