CodeScript

JWT Decoder

Decode a JWT's header and payload.

What it does

Paste a JSON Web Token and this tool splits it into its three parts, base64url-decodes the header and payload, and displays them as readable JSON — including common claims like exp, iat, and sub.

Common errors

  • Decoding doesn't verify the signature

    Decoding only reveals the header and payload contents. It does not prove the token is authentic — use the JWT Generator's verify mode with the correct secret for that.

FAQ

No — decoding happens entirely in your browser using base64url decoding and JSON.parse. Nothing is sent to a server.

Related tools