JWT Decode (View Header/Payload, No Signature Verification)
Paste a token to inspect its contents instantly (signature validity is not verified).
exp / iat / nbf are shown as Unix time and datetime (UTC/local) with relative status.
Warning: This page does not verify signatures
This page only decodes token contents. Because signature verification is not performed, tampering cannot be detected. Do not use this output to judge authenticity.
Input tokens are processed in your browser and are not sent to a server.
How to use
- Paste a JWT (Bearer prefix is accepted).
- Check Payload / Header tabs.
- Use datetime and relative views for exp / iat / nbf.
Sample
Inspect API token claims
Input: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...
Output: Formatted alg, typ, iss, sub, aud, exp fields
Security and Privacy
- This tool is display-only (no signature verification).
- Input tokens are processed locally in the browser and not transmitted.
- Handle sensitive tokens carefully when sharing screenshots or logs.
- If verification is required, use dedicated verification tools or server-side validation.
FAQ
What does “no verification” mean?
This page only decodes and displays token contents. Since signatures are not verified, tampering cannot be detected. Do not use it for authenticity decisions.
I do not want to enter a secret key
No secret key is required. Only the JWT string is needed to view header/payload.
Can I read exp as datetime?
exp (and iat / nbf) are shown as Unix time and datetime with UTC/local toggle.
Can this read encrypted JWE tokens?
No. This tool targets typical JWS-style 3-part JWT decoding and does not decrypt JWE.
Will tokens with alg:none still display?
They can be displayed, but without verification this tool cannot determine safety or authenticity.