JWT-Decoder
Dekodiert JWT-Header und Payload im Browser (ohne Signaturprüfung).
Paste a JWT and click Decode.
What is JWT Decoder?
JWT Decoder reads the header and payload of a JSON Web Token (JWT) and displays them in readable JSON. Decoding happens entirely in your browser Ethe token is never sent to any server. Note: this tool decodes only; it does not verify the signature.
How to use
- Paste a JWT (three Base64URL-encoded parts separated by dots) into the input.
- Click Decode.
- The Header section shows the algorithm and token type.
- The Payload section shows the claims such as
sub,exp, and custom fields.
Notes
- The signature (third part) is not verified. Do not rely on this tool for authentication or trust decisions.
- JWTs are Base64URL-encoded, not encrypted. Anyone with the token can decode the payload.
- Avoid pasting production tokens containing sensitive user data into any online tool.
FAQ
- What does a JWT look like?
- A JWT is three Base64URL strings joined by dots:
xxxxx.yyyyy.zzzzz. The first is the header, the second is the payload, and the third is the signature. - Can this tool verify a JWT signature?
- No. Signature verification requires the secret key or public key used when the token was signed. This tool only decodes the Base64URL-encoded parts.
- What is the
expfield? - The
expclaim is a Unix timestamp indicating when the token expires. Compare it to the current time to check validity.
Embed this tool
Paste this iframe into any HTML page to embed JWT-Decoder on your site:
Ähnliche Tools
-
UUID-Generator
Erzeugt zufällige UUID-v4-IDs für Apps, APIs und Datenbanken.
-
Unix-Timestamp-Konverter
Konvertiert Unix-Timestamps in lesbare Datumswerte und zurück.
-
JSON Formatter & Validator
Formatiert und validiert JSON mit klaren Parse-Fehlern.
-
HTML-Entity Encoder / Decoder
Kodiert Sonderzeichen als HTML-Entities oder dekodiert sie zurück.
-
Hash-Generator (SHA-256 / SHA-1 / MD5)
Erzeugt gängige Text-Hashes wie SHA-256, SHA-1 und MD5.