▸ Free tool
JWT Decoder.
Paste a JWT to read its header and payload. Decoding happens in your browser — the token never leaves the page.
▸ Decode only
This does not verify the signature — it only decodes. Never trust a JWT you haven't verified server-side. Don't paste production secrets.
▸ Header
—▸ Payload
—▸ Claims