Paste a JWT token to decode
๐ Token Claims Analysis
โ ๏ธ Signature cannot be verified without the secret key. This tool only decodes โ it does not validate signatures.
About JWT
What is a JWT? โผ
A JSON Web Token (JWT) is a compact, URL-safe means of representing claims between two parties. It consists of three Base64URL-encoded parts separated by dots: Header (algorithm info), Payload (claims/data), and Signature (verification). JWTs are commonly used for authentication and information exchange.
What are JWT claims? โผ
Claims are statements about the user stored in the payload. Standard claims include: sub (subject/user ID), iss (issuer), exp (expiration time), iat (issued at), nbf (not before), aud (audience). Custom claims can also be added for application-specific data.
Is it safe to paste my JWT here? โผ
Decoding happens entirely in your browser โ no data is sent to any server. However, be cautious: if your JWT contains sensitive user data and you paste it in a public/shared computer, that could be a risk. Never share JWTs publicly as they grant access to your system.