Browser-only token inspector
JWT Decoder
Decode JSON Web Tokens, inspect header and payload claims, check expiration, and learn what each token field means.
Local decodingClaim inspectionExpiration check
Important
Decoding a JWT does not verify its signature or prove it can be trusted.
Input
Paste a JWT.
Treat JWT payloads as readable data. Do not put passwords, private keys, or sensitive secrets in token claims.
Decoded output
Header, payload, and claims.
Decoded token details will appear here.
Related Tools
Basic Auth Encoder — HTTP Authorization Header
Generate HTTP Basic Authorization headers from username and password, or decode existing ones.
Cookie Parser — Parse HTTP Cookie Strings
Parse pasted Set-Cookie or Cookie header strings to inspect cookie names, values, attributes, and common security flags.