JWT Decoder
Decode header, payload, and signature from a JWT. Everything runs locally — tokens are never uploaded.
Decoding happens locally. Verification with a secret is not performed in this tool.
Are my tokens sent anywhere?
No. Decoding happens locally in your browser, so sensitive tokens never leave your device.
Does this verify the JWT signature?
The tool decodes and inspects the token. Signature verification requires the secret or public key and should be done in a trusted environment.
What token formats are supported?
Standard JWTs using base64url-encoded header and payload segments are supported.