Decodificador JWT
Decodifica header y payload de JWT en el navegador (sin verificar firma).
Paste a JWT and click Decode.
What is JWT Decoder?
JWT Decoder reads the header and payload of a JSON Web Token (JWT) and displays them in readable JSON. Decoding happens entirely in your browser Ethe token is never sent to any server. Note: this tool decodes only; it does not verify the signature.
How to use
- Paste a JWT (three Base64URL-encoded parts separated by dots) into the input.
- Click Decode.
- The Header section shows the algorithm and token type.
- The Payload section shows the claims such as
sub,exp, and custom fields.
Notes
- The signature (third part) is not verified. Do not rely on this tool for authentication or trust decisions.
- JWTs are Base64URL-encoded, not encrypted. Anyone with the token can decode the payload.
- Avoid pasting production tokens containing sensitive user data into any online tool.
FAQ
- What does a JWT look like?
- A JWT is three Base64URL strings joined by dots:
xxxxx.yyyyy.zzzzz. The first is the header, the second is the payload, and the third is the signature. - Can this tool verify a JWT signature?
- No. Signature verification requires the secret key or public key used when the token was signed. This tool only decodes the Base64URL-encoded parts.
- What is the
expfield? - The
expclaim is a Unix timestamp indicating when the token expires. Compare it to the current time to check validity.
Embed this tool
Paste this iframe into any HTML page to embed Decodificador JWT on your site:
Herramientas relacionadas
-
Generador de UUID
Genera UUID v4 aleatorios para apps, APIs y bases de datos.
-
Convertidor de Timestamp Unix
Convierte timestamps Unix a fecha legible y viceversa.
-
Formateador y Validador JSON
Formatea y valida JSON con sangría legible y errores claros.
-
Codificador/Decodificador de Entidades HTML
Convierte caracteres especiales en entidades HTML y viceversa.
-
Generador de Hash (SHA-256 / SHA-1 / MD5)
Genera hashes de texto comunes como SHA-256, SHA-1 y MD5.