A JWT consists of three parts separated by dots: the header, the payload, and the signature. This tool takes a JWT, Base64-decodes the first two parts, and then pretty-prints the resulting JSON. It does not and cannot verify the signature, as that requires your secret key.

1. Paste your JWT into the input field.
2. The decoded header and payload will appear instantly in separate, readable boxes.
3. If the token is malformed, an error message will be displayed.

• Debugging an authentication token from an API.
• Inspecting the claims (like user ID or roles) inside a token.
• Verifying the structure of a JWT before implementing it in an application.

• Real-Time Decoding: See the decoded header and payload as you type.
• Clear Separation: Displays the header and payload in distinct, easy-to-read panels.
• Pretty-Printed JSON: Automatically formats the JSON for readability.
• Error Detection: Instantly flags malformed tokens.

JWT (JSON Web Token) is a compact, URL-safe standard (RFC 7519) for creating access tokens. The header contains metadata, and the payload contains 'claims' (statements about the user and token). The signature is used to verify that the token has not been tampered with.

All calculations and data processing for this tool are performed locally in your browser. We do not send any of your data to our servers, ensuring your information remains private and secure.