← CatalogJWT Decoder

JWT Decoder

Paste a JSON Web Token to inspect its header and payload. Everything runs locally in your browser.

Decoding only — the signature is NOT verified. Anyone can forge a token with any claims. Never trust a JWT's contents without verifying its signature server-side.
Token

Base64url decoding with UTF-8 support. iat / exp / nbf claims are annotated with your local time and a relative note.