JSON Web Tokens (JWT) are a compact, URL-safe means of representing claims to be transferred between two parties. This tool decodes JWTs for inspection and debugging purposes.
JWT Structure
Header: Contains metadata about the token, including the signing algorithm
Payload: Contains the claims or data being transmitted
Signature: Used to verify that the token hasn't been tampered with
Common Claims
sub (Subject): The subject of the token
iss (Issuer): Who issued the token
aud (Audience): Who the token is intended for
exp (Expiration): When the token expires
iat (Issued At): When the token was issued
nbf (Not Before): When the token becomes valid
Important: This tool only decodes tokens - it does not verify signatures or validate tokens. Never paste sensitive tokens on untrusted websites.