JWT Decoder

Decode and view JWT token structure instantly

Free online JWT decoder to decode and inspect JSON Web Tokens instantly. View header, payload, claims, user ID, email, roles, and expiration. Debug 401 errors and inspect OAuth2, Auth0, Firebase, and AWS Cognito tokens. Shows JSON and table formats. 100% client-side: tokens never leave your browser.

What Is a JWT Decoder?

A JWT Decoder splits a JSON Web Token into its three dot-separated parts (Header, Payload, and Signature) and Base64url-decodes the header and payload so you can inspect the claims inside. JWTs are widely used for authentication and authorization in modern web applications, APIs, and microservices.

What Information Can You Find in a JWT?

  • Header (alg, typ): The signing algorithm (HS256, RS256, ES256) and token type
  • Payload claims: User ID, email, role, permissions, and custom claims
  • iat (Issued At): When the token was created (Unix timestamp)
  • exp (Expiration): When the token expires — helps debug "token expired" errors
  • iss (Issuer): Who issued the token (e.g., Auth0, Firebase, your API)
  • sub (Subject): The subject of the token, typically the user ID
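
The split-and-decode step and the claims listed above, as an added example (not this tool's own code). The names `b64urlToJson`, `decodeJwt` and `makeSampleToken`, the sample claims and the placeholder signature are constructed for illustration; the code decodes only and reports `signatureVerified: false`.

```javascript
// Added example: decode (never verify) a JWT in the browser or Node 16+.
function b64urlToJson(segment) {
  // JWT segments use the URL-safe Base64 alphabet with padding stripped.
  const b64 = segment.replace(/-/g, "+").replace(/_/g, "/");
  const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
  const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
  return JSON.parse(new TextDecoder("utf-8", { fatal: true }).decode(bytes));
}

function decodeJwt(token, nowSeconds = Math.floor(Date.now() / 1000)) {
  const parts = token.trim().split(".");
  if (parts.length !== 3) {
    throw new Error("expected 3 dot-separated segments, got " + parts.length);
  }
  const header = b64urlToJson(parts[0]);
  const payload = b64urlToJson(parts[1]);
  const warnings = [];
  // An unsigned token should never be accepted by a server.
  if (String(header.alg).toLowerCase() === "none" || parts[2] === "") {
    warnings.push("unsigned token (alg none or empty signature)");
  }
  let expired = null; // null means the token carries no numeric exp claim
  if (typeof payload.exp === "number") {
    expired = nowSeconds >= payload.exp;
    if (expired) warnings.push("expired at " + new Date(payload.exp * 1000).toISOString());
  } else {
    warnings.push("no exp claim");
  }
  if (typeof payload.iat === "number" && payload.iat > nowSeconds) {
    warnings.push("iat is in the future");
  }
  // The signature segment is deliberately left unchecked: this is display only.
  return { header, payload, expired, signatureVerified: false, warnings };
}

// Builds a constructed sample token; "c2ln" is a placeholder, not a real signature.
function makeSampleToken(header, payload, sig = "c2ln") {
  const enc = (o) =>
    btoa(JSON.stringify(o)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
  return [enc(header), enc(payload), sig].join(".");
}

const sample = makeSampleToken(
  { alg: "HS256", typ: "JWT" },
  { sub: "user-123", iss: "https://issuer.example", iat: 1700000000, exp: 1700003600 }
);
console.log(decodeJwt(sample, 1700007200));
```
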

Common Use Cases

  • Debugging authentication issues in REST APIs and GraphQL
  • Checking token expiration times to troubleshoot "401 Unauthorized" errors
  • Inspecting user roles and permissions embedded in tokens
  • Verifying the signing algorithm (HS256 vs RS256) during OAuth2 integration
  • Reviewing tokens from identity providers like Auth0, Keycloak, Firebase, or AWS Cognito

Security note: This tool only decodes JWTs; it does not verify the signature. Always verify tokens server-side in production. Never trust client-decoded JWT claims for authorization decisions.