schedule

Reset Schedule: 00:00 & 12:00 (GMT+7) Daily

security

JWT Decoder

Decode and analyze JSON Web Tokens (JWT)

security JWT Decoder

Paste your JWT token here for decoding

warning

Security Notice:

This tool decodes JWT tokens for inspection purposes. Never enter sensitive tokens from production systems. JWT tokens contain encoded but not encrypted data.

help_outline Understanding JWT

What is JWT?

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.

JWT Structure

  • looks_one Header: Contains token type and signing algorithm
  • looks_two Payload: Contains claims (user data and metadata)
  • looks_3 Signature: Verifies token integrity and authenticity

Common Claims

iss (Issuer)

Token issuer identifier

sub (Subject)

Subject/user identifier

exp (Expiration)

Token expiration timestamp

iat (Issued At)

Token creation timestamp

security

Important:

JWT payload data is encoded, not encrypted. Anyone with the token can read its contents. Never include sensitive information in JWT claims.

code Example JWT Token

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

Header:

{"alg":"HS256","typ":"JWT"}

Payload:

{"sub":"1234567890","name":"John Doe","iat":1516239022}

Signature:

HMACSHA256(base64UrlEncode(header) + "." + base64UrlEncode(payload), secret)