Do you store my token?

No. Security is our priority. Calculating decoding happens entirely in your browser using JavaScript. Your tokens never leave your computer.

Can I verify the signature?

This tool is an 'Inspector' mostly for debugging payload data. To verify the signature, you would need the secret key, which you should generally not paste into public websites.

JWT Inspector & Decoder

Encoded Token

Claim Validation

No valid claims found

Signature Verification

HMAC Shared Secret

Header

Header content...

Payload (Editable)

Payload content...

How to Use This JWT Inspector & Decoder

1Paste your JWT string into the input box
2The tool automatically decodes the Header and Payload
3View the claims (user data, expiration, etc.) in a readable JSON format
4Check the 'Expiration' status (Valid or Expired)
5Verify the algorithm used (e.g., HS256, RS256)

Features

✓Decode JWT Header and Payload
✓Human-readable date parsing (exp, iat, nbf)
✓Validity check (Expired vs Active)
✓Syntax highlighting for JSON
✓Works offline (Private - tokens aren't sent to server)
✓Supports standard claims inspection

What is a JWT?

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. It is commonly used for authentication and information exchange.