JWT Decoder

Paste a JWT token and inspect every part instantly. Great for debugging auth, role claims, and expiration.

Privacy: processed locally, never uploaded.

↓ Paste in the input area below to see results instantly

Paste your JWT token here

Full token or Bearer-prefixed string. Decoding starts automatically after paste.

Paste a JWT token and inspect every part instantly. Great for debugging auth, role claims, and expiration.

Quick start

  1. Paste token

    Bearer prefix is accepted and stripped automatically.

  2. Inspect header and payload

    Focus on alg, sub, aud, exp, and custom claims.

  3. Check expiry and signature

    The tool warns if token is expired, expiring soon, or missing signature.

What JWT is

JWT is a three-part token format commonly used for authentication.

The three parts are header, payload, and signature separated by dots.

How to debug auth issues

Check exp first, then verify aud and iss match backend expectations.

If signature is empty, the token is often truncated or malformed.

Examples

Sample token

Input

eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjMiLCJleHAiOjQ3MDI0NDQ4MDB9.signature

After decoding, you can inspect sub=123 and exp claim.

FAQ

Will my token be uploaded?

No. Decoding runs locally in your browser.

Why token is marked expired?

Because exp claim is earlier than current time. Check issuer timezone and expiration policy.

Does it support Bearer prefix?

Yes, it is automatically stripped.