JWT Decoder

Paste a JSON Web Token and see its header, payload, and signature, with the time-based claims (iat, nbf, exp) shown as both UTC and relative time. The signature is displayed but not verified — we don't have your key, so a clean decode says nothing about whether a server will accept the token.

three dot-separated base64url segments
How to use this decoder
  • Paste a JWT into the box above. Decoding happens as you type.
  • The header shows the algorithm (alg) and the token type (typ); some issuers also include a key id (kid).
  • The payload lists every claim. Standard claims from RFC 7519 § 4.1 (iss, sub, aud, exp, nbf, iat, jti) are marked as such.
  • Time claims (iat, nbf, exp) are shown as both UTC and a relative string (in 12 minutes, 3 hours ago). The verdict bar flags expired or not-yet-valid tokens.
  • This tool does not verify the signature. It only decodes the visible parts. Use your server's verification routine to confirm a token.
  • Tokens are processed entirely in this tab. Nothing is uploaded.