Decode token payloads

JWT Decoder

Read the header and payload of a JWT quickly when you need to inspect claims, expiry, or token structure during development.

Token

Decode only. This tool does not verify the signature of the token.

Header

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload

{
  "name": "DevTools",
  "role": "developer",
  "iat": 1700000000
}

IAT

2023-11-14T22:13:20.000Z

How to use

Step 1

Paste the token

Provide a JWT in the typical header.payload.signature format. The decoder reads the first two segments as Base64URL-encoded JSON.

Step 2

Inspect algorithm, token type, custom claims, and time-based claims without manually copying segments into another tool.

Step 3

Decoding is useful for inspection. Signature validation and trust decisions must happen in a proper security context.

FAQ

Does this tool verify the JWT signature?

No. It decodes the visible header and payload only. Signature verification requires the signing key and a trusted validation flow.

Why are exp and iat shown as dates?

These fields are typically Unix timestamps. Converting them to readable dates makes it easier to inspect token lifetime.

Can I decode tokens with custom claims?

Yes. Any JSON claims in the payload are shown as-is after decoding.

Related tools

Timestamp Converter

Translate exp, iat, and nbf claims into UTC and local times.

JSON Formatter

Pretty-print decoded payloads if you need another clean JSON view.