Is it safe to paste my JWT token here?

Yes. All decoding happens locally in your browser using JavaScript's built-in atob() function. Your token is never transmitted to any server.

Can this tool verify the JWT signature?

This tool decodes and inspects the token content. Signature verification requires the signing secret or public key, which is a server-side operation.

What JWT algorithms are supported?

The decoder works with any JWT regardless of algorithm (HS256, RS256, ES256, etc.) since it only decodes the Base64 content without verifying the signature.

JWT Debugger - Decode Tokens Offline

Decode and inspect JSON Web Tokens securely in your browser. View header, payload, and expiration status without any server requests.

Token Inspector

lock Processing Locally

Paste JWT Token

Header Payload Signature

Header (JOSE)

Header will appear here...

Payload (Claims)

Payload will appear here...

info

About JWT Debugger

Our JWT Debugger is a free, offline token inspector that lets you decode and inspect JSON Web Tokens without sending them to any server. Developers frequently need to check the payload of a JWT but are hesitant to paste active session tokens into random websites. This tool decodes the Base64 token locally to show the header and payload data without ever making a network request.

Features

check Decode JWT header and payload instantly
check Auto-convert exp/iat/nbf to human-readable dates
check Visual badge showing token expiration status
check 100% client-side — your tokens never leave your device

How to Use

Paste your JWT token into the input field
The header and payload are decoded automatically
Check the status badge to see if the token is expired
Copy decoded sections with one click