JWT decoder
Decode a token's header and payload — locally, never sent anywhere. Private
—
—
Frequently asked questions
Is my token sent anywhere?
No — decoding happens entirely in your browser, so it's safe for tokens you don't want to paste into a website.
Can it verify the signature?
Yes, for HS256 — enter the secret and it checks the signature locally. Decoding shows the header and payload regardless.