JWT Token
Paste your JWT token here
Decoded JWT
Enter a valid JWT to see decoded content
Enter a JWT token to see the decoded content
Supported Algorithms
HMAC
RSA
ECDSA
What is a JWT?
A JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. It is commonly used for authentication and authorization in web applications. A JWT consists of three parts: a header, a payload, and a signature.
How to use our JWT Debugger
- Paste your JWT token into the input field to decode it.
- The header and payload will be displayed in a readable format.
- To verify the signature, enter your secret key and click "Verify Signature".
- To encode a new token, switch to "Encode" mode, fill in the header and payload, provide a secret key, and click "Encode Token".
Features of our JWT Debugger
- Decode & Encode: Easily switch between decoding existing tokens and encoding new ones.
- Signature Verification: Verify the integrity of your JWTs with your secret key.
- Algorithm Support: Supports all major signing algorithms, including HMAC, RSA, and ECDSA.
- Claim Explanations: Understand the meaning of standard JWT claims.
Frequently Asked Questions (FAQ)
What is the difference between the header, payload, and signature?
The header contains metadata about the token, the payload contains the claims (the data), and the signature is used to verify that the token has not been tampered with.
Is it safe to use this tool with my production JWTs?
Yes, all processing is done on the client-side in your browser. No data, including your tokens and secret keys, is ever sent to our servers.
What is a "claim" in a JWT?
A claim is a piece of information asserted about a subject. For example, a claim could be the user's name or their permissions.