JWT Inspector (JSON Web Token)

Decode and verify your JWT tokens instantly. Paste your token and analyze the Header, Payload, and Signature.

Encoded JWT Token

Verify Signature (Optional)

Paste your `secret` (for HS256) or Public Key (for RS256) to verify the signature.

What is this Inspector for?

A JWT (JSON Web Token) is a secure standard for transmitting information. This tool is vital for developers, allowing you to "open" the token to read its contents, check expiration dates, and debug authentication issues.

Guaranteed Security

This tool works 100% in your browser (client-side). Your tokens and secret keys never get sent to any server. What you paste here, stays on your machine.

Anatomy of a JWT

Part 1

Header

Defines the token type and signing algorithm (e.g. HS256). It is the metadata of the token.

Part 2

Payload

Contains the "claims" or useful data: user, role, expiration date, etc. This is the info that matters.

Part 3

Signature

The digital signature ensures the token hasn't been modified. It's generated using a secret key.