JSON Web Token (JWT) Debugger

Decode, verify, and generate JSON Web Tokens, which are an open, industry standard RFC 7519method for representing claims securely between two parties.

For your protection, all JWT debugging and validation happens in the browser. Be careful where you paste or share JWTs as they can represent credentials that grant access to resources. This site does not store or transmit your JSON Web Tokens outside of the browser.

Enable auto-focus

Encoded (Input)

Decoded • Header (Output)

{

"alg": "HS256",

"typ": "JWT"

}

{
  "alg": "HS256",
  "typ": "JWT"
}

Decoded • Payload (Output)

{

"sub": "1234567890",

"name": "John Doe",

"iat": 1516239022

}

{
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022
}

Signature Verification

Secret

Enter the secret used to sign the JWT below:

HMACSHA256(
  base64UrlEncode(header) + "." +
  base64UrlEncode(payload),
  your-256-bit-secret
)

About JWT Debugger

JSON Web Token (JWT) Debugger allows you to decode, verify, and generate JSON Web Tokens for debugging and development purposes.

Supported features:

Decode: Parse and display JWT header, payload, and signature
Encode: Generate signed JWT tokens from header and payload JSON
Signature Verification: Validate HMAC signatures using a secret key
Expiration Check: Automatically detect expired tokens

Use cases: API authentication debugging, token validation, JWT development and testing, security auditing.