JWT Decoder

Paste a JSON Web Token to decode and inspect its header, payload, and signature.

How It Works

1

Paste your JWT

Paste the full JWT token (the three base64-encoded parts separated by dots).

2

Read the decoded sections

The header (blue), payload (purple), and signature (green) are displayed with formatted JSON.

3

Check expiration

Timestamps are converted to readable dates. Expiration status shows whether the token is still valid.

FAQ

No. Signature verification requires the secret key or public key, which this tool intentionally does not ask for. It only decodes.
Yes. Everything runs in your browser. The token is never sent to any server.
Standard claims: iss (Issuer), sub (Subject), aud (Audience), exp (Expiration), iat (Issued At), nbf (Not Before), jti (JWT ID).

Varstatt Toolkit

Each tool works standalone, runs entirely in your browser, and requires no signup.

JSON FormatterYAML ValidatorJSON ↔ YAMLRegex TesterUUID GeneratorHash GeneratorPassword GeneratorCrontab GeneratorTimestamp ConverterBase64 EncoderJWT DecoderImage to Base64Encrypt / DecryptColor ConverterCSV EditorMarkdown PreviewText DiffHTML ↔ MarkdownMarkdown to PDFMarkdown to DOCXQR Code GeneratorBarcode GeneratorMesh GradientCSS Cover ArtImage ConverterText to Gradient

Built & Maintained by Varstatt

Varstatt is a one-person product studio run by Jurij Tokarski, product engineer since 2011. These tools are free and open — no signup, no catch.