adfree.services | JWT Decoder

JWT Decoder

Decode the readable header and payload inside a JSON Web Token directly in your browser. This tool helps you inspect claims like issuer, subject, expiration, and issue time without sending the token to the server.

Decoding is not signature verification

A JWT decoder shows you what is inside the token, but it does not prove the token is valid or trusted. Signature verification requires the correct secret or public key, which this tool does not use.

JWT token

JWTs usually have three dot-separated parts: a header, a payload, and a signature.

Signature segment

Paste a token to decode it locally.

Algorithm --

Type --

Issued at --

Not before --

Expires --

Decoded header

Decoded payload

What this tool does

A JWT is a token format that stores claims in a Base64URL-encoded header and payload. This tool decodes those readable parts for inspection.

Why it is private

The decode step happens entirely in your browser. Your token is never uploaded to the server, not logged by the app, and not stored in server memory.

What it is useful for

Inspecting claims like sub, iss, aud, iat, and exp.
Checking whether a token looks expired or is missing expected fields.
Debugging authentication flows without pasting tokens into a server-side tool.

Important note

JWTs often contain sensitive claims. This tool keeps them on the page, but you should still avoid sharing tokens casually, especially production tokens.