JWTDecoder

Decode JSON Web Tokens

Paste a token to inspect its Header, Payload, and Signature securely.

Encoded Token

Note: We only decode the token. We do not verify the signature key.

Header

Algorithm & Token Type

{...}

Payload

Data (Claims)

{...}

Signature

Verification

...

Understanding JWT Structure

Header

Typically consists of two parts: the type of the token (JWT) and the signing algorithm (HMAC SHA256 or RSA).

Payload

Contains the claims. Claims are statements about an entity (typically, the user) and additional data.

Signature

Used to verify that the sender of the JWT is who it says it is and to ensure that the message wasn't changed along the way.