JWT Decoder

Decode a JWT's header and payload and turn exp/iat into human-readable times

도구를 불러오는 중…

🔒 Everything runs 100% in your browser. Your files and input are never uploaded to any server.

Paste in a JWT (JSON Web Token) and this tool base64url-decodes the header and payload into nicely formatted JSON, converting time values like exp and iat into human-readable dates. It's useful for developers who need to quickly inspect the contents of login and auth tokens.

How to use

  1. Paste the entire JWT token (header.payload.signature) into the input box.
  2. The header and payload are automatically decoded and shown as formatted JSON.
  3. Time values like exp (expiry) and iat (issued at) are shown as human-readable dates along with whether the token has expired.
  4. Use the copy button to put the decoded JSON on your clipboard.

FAQ

Is the signature verified too?
No. This tool only decodes the contents and does not verify the signature. Don't use it to judge whether a token has been tampered with.
How is expiry determined?
It compares the payload's exp value with the current time and shows 'valid' or 'expired'. Tokens without an exp don't show an expiry status.
Is the token sent to a server?
No. Decoding all happens in your browser, and the token is never sent to or stored on a server. Even so, handle production secret tokens with care.

← Back to all tools

가격 보기카톡 무료 상담