JWT Token Analysis
JWT Decoder
Parse and decode JSON Web Tokens to analyze their structure and content. Secure, fast, and completely free.
JWT Token Input
Paste your JSON Web Token below to decode it
Characters: 0 | Trimmed: 0
Understanding JWT Structure
Learn about the three parts of a JSON Web Token
Header
Contains metadata about the token, including the signing algorithm (alg) and token type (typ). Common algorithms include HS256, RS256, and ES256.
Payload
Contains the claims - statements about an entity and additional data. Includes standard claims like iss (issuer), exp (expiration), and sub (subject).
Signature
Used to verify the token hasn't been tampered with. Created by encoding the header and payload with a secret key using the specified algorithm.
Common JWT Claims
Standard claims you'll find in JWT payloads
Standard Claims
iss (Issuer)
Identifies who issued the token
sub (Subject)
Identifies the subject of the token
aud (Audience)
Identifies the recipients of the token
exp (Expiration)
Expiration time after which the token is invalid
Timing Claims
iat (Issued At)
Time at which the token was issued
nbf (Not Before)
Time before which the token is not valid
jti (JWT ID)
Unique identifier for the token
Custom Claims
Application-specific claims for additional data
Other Developer Tools
Explore our complete toolkit for developers