JWT Decoder: How to Decode and Debug JWT Tokens
Decode JSON Web Tokens to view header, payload, and expiration. Debug JWT authentication issues with our free online decoder.
JSON Web Tokens (JWT) are everywhere in modern authentication. Learn how to decode JWT tokens to debug authentication issues.
What is a JWT?
A JWT consists of three parts: Header, Payload, and Signature - separated by dots.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
How to Decode a JWT
- Paste your JWT token
- Click "Process"
- View the decoded header and payload
Common JWT Claims
- sub (Subject) - User identifier
- exp (Expiration) - Token expiry time
- iat (Issued At) - Token creation time
- iss (Issuer) - Who created the token
Check Token Expiration
Our decoder shows the expiration timestamp, human-readable date/time, and whether the token is still valid.
Debugging Authentication Issues
When debugging auth problems:
- Decode the JWT to check expiration
- Verify the payload contains expected claims
- Check the JSON structure of the payload
- If using Basic Auth, also check Base64 encoding
JWT vs Base64
JWTs use Base64URL encoding (a variant of Base64), but they're not the same:
- Base64 is just encoding
- JWT includes structure and (usually) cryptographic signing
Security Note
Our tool runs entirely in your browser - nothing is sent to any server. Safe for debugging sensitive tokens.
Related Developer Tools
- JSON Formatter - Format the decoded payload
- Base64 Encoder - Understand token encoding
- Regex Tester - Extract tokens from logs
Conclusion
Debugging JWT issues is easy with our free decoder. Paste any JWT to instantly view its contents and check expiration.