JWTデコーダー

What Is JWT Decoder?

JWT Decoder is a free online tool that decodes and inspects JSON Web Tokens (JWTs). Paste any JWT and instantly see the decoded header (algorithm and token type), the payload (all claims including subject, issuer, issued-at, and expiry), and the raw signature. The tool also shows a visual expiry status and a claims summary so you can quickly understand the token without writing any code.

How to Use JWT Decoder

1. Paste your JWT token into the input field, or click Load Sample to try an example.
2. The token is decoded in real time — no button press needed.
3. Review the color-coded header (purple), payload (blue), and signature (pink) sections.
4. Check the expiry status banner and claims summary at the top of the result.
5. Click Copy on any section to copy the decoded JSON.

Features

• Real-time JWT decoding as you type
• Color-coded header, payload, and signature sections
• Expiry status (valid / expired) with expiry timestamp
• Claims summary: sub, iss, iat, exp at a glance
• One-click copy for each section
• 100% client-side — token never leaves your browser

FAQ

What is a JWT?

A JSON Web Token (JWT) is a compact, URL-safe token format for transmitting claims between parties. It consists of three Base64URL-encoded parts — header, payload, and signature — separated by dots.

Is it safe to paste my JWT here?

Yes. The decoder runs entirely in your browser. Your token is never transmitted to any server. That said, avoid pasting tokens with sensitive production credentials into any public website as a best practice.

Does this tool verify the JWT signature?

No. Signature verification requires the secret key or public key, which you should never share. This tool only decodes and inspects the token contents.

What JWT algorithms are supported?

The decoder works with all standard JWT algorithms (HS256, HS512, RS256, ES256, etc.) because it only decodes the Base64URL-encoded parts — it does not perform cryptographic verification.