JWT Debugger
Debug, decode, and generate JSON Web Tokens (JWTs)
Decode JWT tokens to inspect their header and payload, verify signatures, or generate new tokens for testing and development.
JWT Token
Paste a JWT token to decode and verify
About JSON Web Tokens (JWT)
JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object.
JWT Structure:
- Header: Contains algorithm and token type
- Payload: Contains claims (user data, permissions, etc.)
- Signature: Ensures token hasn't been tampered with
⚠️ Security Note: JWTs are signed, not encrypted. Don't put sensitive information in the payload as it can be decoded by anyone.
Common JWT Claims
Standard Claims
iss- Issuersub- Subject (user ID)aud- Audienceexp- Expiration timeiat- Issued atnbf- Not before
Custom Claims
name- User's nameemail- User's emailrole- User's rolepermissions- User permissions