JWT decoder

Auth & tokens

Paste a JSON Web Token to see its decoded header, payload, and claim interpretations. The token is never sent to the server — all decoding happens in your browser.

JWT

The token is never sent over the network. Decoding happens entirely in your browser.

Claims

Expired

iat (issued at)

1716241200 → 2024-05-20T21:40:00.000Z (733d ago)

exp (expires)

1716327600 → 2024-05-21T21:40:00.000Z (732d ago)

sub (subject)

1234567890

Header

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload

{
  "sub": "1234567890",
  "name": "Jane Doe",
  "iat": 1716241200,
  "exp": 1716327600
}

Signature

Signature shown as the raw base64url value. Verifying it requires the signing key and is out of scope for a client-side decoder.

aJ3RzM9YHbS6h9wPN8mUYTpZRRG2RJ5fXSiqgI4mP1Q