JWT Decode (Show Header/Payload - No Signature Verification)
Simply paste a token to display its contents (signature validity is not checked).
Note: This page does not verify signatures
The content shown here is the 'decoded result'. Since the signature is not verified, tampering cannot be detected. Do not use for validity confirmation.
Note: This page does not verify signatures
The content shown here is the 'decoded result'. Since the signature is not verified, tampering cannot be detected. Do not use for validity confirmation.
JWT Input
Bearer prefix and whitespace are automatically removed.
Decode Results
Key Claims
Only existing claims are displayed.
| Claim | Value |
|---|---|
| Key claims will be displayed here. | |
Options
Usage
-
Paste the JWT (Bearer prefix is OK).
-
Check Payload / Header.
-
Refer to datetime display for exp / iat / nbf.
Security and Privacy
- This tool is for display only (no signature verification).
- Processing is done entirely within the browser; nothing is sent over the network.
- Be careful when handling sensitive tokens (e.g., sharing screenshots).
- Use verification tools or server-side verification if validity checks are needed.
FAQ
What does "No Verification" mean?
This page only decodes and displays the token. Since it does not verify the signature, it cannot distinguish if the token has been tampered with. Do not use for validity judgment.
I don't want to enter my private key
No private key is required. It displays the header/payload with just the token (JWT string).
I want to see the expiration (exp) as a datetime
exp (and iat / nbf) are shown with both Unix time and datetime (UTC/Local).
Can it read JWE (Encrypted JWT)?
No. This tool assumes standard JWS (3-part JWT) decoding display. Content cannot be decrypted if it is encrypted (JWE).
Does it display even with "alg: none"?
It can display it, but since verification is not performed, it cannot be used to judge security or validity.