JWT Decoder & Verifier Online
Decode JWT claims, validate signature, and track token expiration
Decode JWT tokens, verify HMAC signature with secret, inspect claims, and check exp countdown in real time.
Enter secret to verify HS256/HS384/HS512
| Header | ||
|---|---|---|
| alg(Algorithm) | HS256(HMAC using SHA-256) | |
| typ(Type) | JWT | |
| Payload | ||
| sub(Subject) | 1234567890 | |
| name(Full name) | John Doe | |
| iat(Issued At) | 1516239022(1/18/2018 9:30:22 AM) | |
Debug and validate JWT tokens in your browser
Use this JWT parser to decode token header and payload, verify HMAC signatures with your secret, and inspect claim timestamps. It is built for fast troubleshooting of auth flows during development and testing.
Key features
- Decode JWT header and payload with claim descriptions.
- Verify HS256/HS384/HS512 signatures using your secret.
- Show exp countdown and convert exp/iat/nbf to local time.
- Quick copy actions for readable timestamp values.
Use cases
- Debugging login failures caused by invalid JWT signatures.
- Checking whether access tokens are expired or about to expire.
- Inspecting custom claims returned by auth providers.
- Validating tokens in local, staging and production environments.
Frequently Asked Questions
Can this tool verify JWT signatures?
Yes. Enter your secret to verify HS256, HS384 or HS512 signatures and quickly check whether the token is valid.
Which JWT fields can I inspect?
You can inspect header and payload claims, including exp, iat and nbf. Timestamp claims can be converted to local time.
Why does signature validation fail?
Common causes are wrong secret, algorithm mismatch, modified token content, or extra spaces when copying the JWT.
Is this JWT decoder free?
Yes. It is free to use and does not require signup.