JWT Decoder
Paste a JSON Web Token to inspect its header and payload. Everything runs locally in your browser.
Decoding only — the signature is NOT verified. Anyone can forge a token with any claims. Never trust a JWT's contents without verifying its signature server-side.
Token
Base64url decoding with UTF-8 support. iat / exp / nbf claims are annotated with your local time and a relative note.