DiffCheck

JWT Inspector Online

Decode and inspect JWT tokens. View all claims with expiry detection and timestamp formatting.

JWT TOKEN

What Is JWT Inspector?

JWT Inspector is a tool for decoding and examining JSON Web Tokens (JWTs). It splits the token into its three parts — header, payload, and signature — and displays each claim in a structured table. Standard time claims (exp, iat, nbf) are automatically converted from Unix timestamps to human-readable ISO dates. The tool also shows whether the token has expired or how much time remains before it does. All processing is local — no token data leaves your browser.

How to Use JWT Inspector

  1. Paste your JWT token into the input area, or click Load Sample.
  2. The token is split into color-coded parts: header, payload, signature.
  3. The Header panel shows the algorithm and token type.
  4. The Payload panel shows all claims with timestamps decoded to readable dates.
  5. The expiry status is shown next to the payload title — green if valid, red if expired.
  6. Click Copy on any panel to copy the decoded JSON.

Features

  • Color-coded token display — header, payload, and signature highlighted in distinct colors
  • Structured claim table — all claims shown as key-value pairs
  • Timestamp decoding — exp, iat, nbf converted to ISO 8601 dates automatically
  • Expiry detection — shows whether the token is valid or expired with time remaining
  • Copy decoded JSON — copy header or payload as formatted JSON
  • Privacy-first — all processing is local, nothing is uploaded

FAQ

What is a JWT?

A JSON Web Token (JWT) is a compact, URL-safe token format used for authentication and information exchange. It consists of three Base64URL-encoded parts separated by dots: a header (algorithm and token type), a payload (claims), and a signature.

What is the difference between JWT Inspector and JWT Decoder?

JWT Inspector provides a structured, table-based view of all claims with special handling for standard claims like exp, iat, and nbf (timestamps are shown as human-readable dates). It also shows expiry status — whether the token is still valid or has expired.

Can this tool verify the JWT signature?

No. Signature verification requires the secret key or public key used to sign the token. This tool only decodes and displays the token contents. Never share your signing keys.

Is my JWT sent to a server?

No. All decoding happens entirely in your browser using JavaScript. No token data is sent to any server.