About this tool
Paste a JSON Web Token to decode its header and payload and read the claims, with timestamp fields like exp and iat shown as readable dates. Decoding happens entirely in your browser — the token is never sent anywhere.
Frequently asked questions
Does it verify the signature?
No. It only decodes the Base64URL header and payload so you can inspect the claims. It does not check the signature.
Is my token safe?
Yes. Everything is decoded locally in JavaScript; the token never leaves your device.