Paste your JWT token below to decode and inspect its header, payload, and signature. This tool runs entirely in your browser, no data is sent to any server.
What is a JWT?#
A JSON Web Token (JWT) is a compact, URL-safe way to represent claims between two parties. It consists of three parts:
- Header - Contains the token type and signing algorithm
- Payload - Contains the claims (user data, permissions, etc.)
- Signature - Verifies the token hasn’t been tampered with
Common JWT Claims#
| Claim | Name | Description |
|---|---|---|
iss | Issuer | Who issued the token |
sub | Subject | The user/entity the token represents |
aud | Audience | Intended recipient of the token |
exp | Expiration | When the token expires (Unix timestamp) |
nbf | Not Before | Token not valid before this time |
iat | Issued At | When the token was issued |
jti | JWT ID | Unique identifier for the token |

