JWT Decoder & Validator
Paste a JWT and instantly see what's inside. Header, payload, expiry checks, all right here in your browser.
Paste a token above to decode and validate it.
About this tool
JWTs show up everywhere in modern auth. OAuth tokens, session cookies, API keys, you name it. When something breaks in your login flow or an API starts returning 401s, the first thing you want to do is crack open the token and see what's inside. This tool lets you paste a JWT and instantly see the header, payload, and signature. It also checks common time claims like exp, nbf, and iat so you can spot expired or not-yet-valid tokens without doing the math yourself.
Decodes as you paste, no button needed
Shows header and payload as formatted JSON
Checks expiry, not-before, and issued-at claims automatically
Color-coded status so you know if something's off at a glance
Copy header, payload, or full token with one click
Runs entirely in your browser, your tokens never leave your device