What is a JWT token?
A JWT (JSON Web Token) is a compact, URL-safe token format used to securely transmit information between parties. It consists of three Base64-encoded parts: header, payload, and signature.
How do I decode a JWT token?
Paste your JWT token into the input field and the decoder will automatically split it into header, payload, and signature sections, displaying all claims and their values.
Can I verify a JWT signature with this tool?
No. Signature verification requires the secret key and can only be performed server-side. This tool displays the signature but cannot validate it without the key.
What is the difference between JWT header and payload?
The header contains metadata like the algorithm used (e.g., HS256), while the payload contains the actual claims or data being transmitted, such as user ID or expiration time.
How do I check if a JWT is expired?
Look at the Expires At claim in the decoded payload. If the expiration timestamp has passed, the token is expired and should not be used.