JWT Token Decode

JWT Decode

Decode header and payload locally. Verify signature with multiple JWS algorithms.

Token

JWT token

This tool runs fully in your browser. Avoid pasting sensitive production tokens or secrets on shared machines.

Signature verification

Local only JWS algorithms

Not verified

Algorithm (from header)

Use the selector below to verify with a specific algorithm.

Verify using Auto (use header alg) none (unsecured) HS256 HS384 HS512 RS256 RS384 RS512 PS256 PS384 PS512 ES256 ES384 ES512 EdDSA

Shared secret (HMAC)

Secret is Base64 encoded

Public key (PEM, SPKI)

Used for RS/PS/ES verification. Provide a PEM public key (SPKI).

Auto uses the token header algorithm. HSxxx uses a shared secret. RS/PS/ES uses a public key.

Decoded

Token parts

Parts: 0 Signature: 0

Time claims

exp: - iat: - nbf: -

Expiry evaluation uses your local system time.

No exp claim

Signature

-

Signature is the third part (base64url).

Header JSON

{}

Payload JSON

{}