JWT Encoder / Decoder / Signer
Decode JWT claims, sign tokens with HMAC-SHA256/384/512 via WebCrypto, and verify signatures — all 100% client-side.
About the JWT Tool
A JSON Web Token (JWT) is an open standard (RFC 7519) for secure claims transmission. This tool lets you decode existing tokens to inspect claims, sign new tokens using HMAC-SHA256/384/512 via the browser's native crypto.subtle API, and verify token signatures — all without sending data anywhere.
HMAC Signing (client-side)
Unlike most online JWT tools, this tool uses the W3C Web Cryptography API to perform real HMAC signing. Your secret key and token data never leave your browser tab.
About JWT Encoder / Decoder
A JSON Web Token is a compact, URL-safe way to carry signed claims between two parties — typically an auth server and an API. The three Base64URL-encoded segments are the header, the payload, and the signature. Decoding is trivial; verifying the signature is what makes it trustworthy. This tool decodes the header and payload immediately, flags expired or not-yet-valid tokens, and lets you optionally verify the signature with a key you paste in.
What this tool does
- Decode — header and claims rendered as formatted JSON.
- Verify — HS256/384/512 with a secret, RS/ES/Ed with a PEM or JWK public key, all via WebCrypto.
- Encode — sign a custom payload with a secret or private key.
- Claim analysis — iss, sub, aud, exp, nbf, iat resolved with countdowns.
- Warnings — flags alg: none, missing exp, and weak HS256 secrets.
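The decode, claim-analysis and warning steps listed above, as an added example in plain JavaScript; this is not the tool's own source. Decoding needs no key and touches no network. The sample token, its claims and the "placeholder-signature" segment are constructed here, and the secret-length thresholds follow RFC 7518 section 3.2 (an HMAC key must be at least as long as the hash output).

```javascript
// Added example (not the tool's own source): decode a JWT and resolve its claims the
// way the tool describes. Works in a browser or in Node >= 16, where atob/btoa and
// TextEncoder/TextDecoder are globals.

function b64urlToBytes(segment) {
  // Base64URL is Base64 with '-' for '+', '_' for '/', and the '=' padding stripped.
  const b64 = segment.replace(/-/g, '+').replace(/_/g, '/');
  const padded = b64 + '='.repeat((4 - (b64.length % 4)) % 4);
  return Uint8Array.from(atob(padded), c => c.charCodeAt(0));
}

function utf8ToB64url(text) {
  const bin = Array.from(new TextEncoder().encode(text), b => String.fromCharCode(b)).join('');
  return btoa(bin).replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
}

// Split the token into its three segments and parse header and payload as JSON.
// The signature segment is returned untouched: decoding never verifies it.
function decodeJwt(token) {
  const parts = token.split('.');
  if (parts.length !== 3) throw new Error(`expected 3 segments, got ${parts.length}`);
  const [h, p, s] = parts;
  const header = JSON.parse(new TextDecoder().decode(b64urlToBytes(h)));
  const payload = JSON.parse(new TextDecoder().decode(b64urlToBytes(p)));
  return { header, payload, signature: s };
}

// Resolve the registered claims against a clock (seconds since the epoch) and give each
// time claim a countdown. "now" is a parameter so the result is reproducible.
function analyzeClaims(payload, now = Math.floor(Date.now() / 1000)) {
  const result = {};
  for (const name of ['iss', 'sub', 'aud']) if (name in payload) result[name] = payload[name];
  for (const name of ['iat', 'nbf', 'exp']) {
    if (typeof payload[name] !== 'number') continue;
    result[name] = { at: new Date(payload[name] * 1000).toISOString(), secondsFromNow: payload[name] - now };
  }
  if (typeof payload.exp === 'number' && payload.exp <= now) result.status = 'expired';
  else if (typeof payload.nbf === 'number' && payload.nbf > now) result.status = 'not-yet-valid';
  else result.status = 'active';
  return result;
}

// Minimum HMAC secret length in bytes: the hash output size (RFC 7518 section 3.2).
const HMAC_MIN_SECRET_BYTES = { HS256: 32, HS384: 48, HS512: 64 };

// The warnings the tool raises: unsigned tokens, tokens that never expire, and short
// HMAC secrets (only checked when a secret is supplied).
function warnings(header, payload, secret) {
  const out = [];
  if (String(header.alg).toLowerCase() === 'none') out.push('alg is none: token is unsigned, reject it');
  if (typeof payload.exp !== 'number') out.push('exp missing: token never expires');
  const min = HMAC_MIN_SECRET_BYTES[header.alg];
  if (min && typeof secret === 'string') {
    const len = new TextEncoder().encode(secret).length;
    if (len < min) out.push(`weak ${header.alg} secret: ${len} bytes, RFC 7518 requires at least ${min}`);
  }
  return out;
}

// Constructed sample: an HS256 token whose signature segment is a placeholder, which is
// enough for decoding and claim analysis (verification would need the real secret).
const SAMPLE_CLAIMS = {
  iss: 'https://issuer.example', sub: 'user-123', aud: 'api.example',
  iat: 1700000000, nbf: 1700000000, exp: 1700003600,
};
const SAMPLE_TOKEN = `${utf8ToB64url(JSON.stringify({ alg: 'HS256', typ: 'JWT' }))}.` +
  `${utf8ToB64url(JSON.stringify(SAMPLE_CLAIMS))}.placeholder-signature`;

if (typeof require !== 'undefined' && require.main === module) {
  const { header, payload } = decodeJwt(SAMPLE_TOKEN);
  console.log(header, analyzeClaims(payload, 1700000600), warnings(header, payload, 'short'));
}
```

Run it with node and the sample decodes to an active token with 3000 seconds left on exp and one warning, the 5-byte secret. Moving the clock past exp or before nbf flips the status, which is exactly what the tool's expired and not-yet-valid flags do.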
Things to watch for
A valid signature only proves the token has not been tampered with — it does not prove the token is for your service. Always check iss, aud, and exp on every request. Reject tokens with alg: none. Pin the expected algorithm rather than trusting the header. For RS256 verification, make sure the key matches the kid from your JWKS — keys rotate. Tokens with sensitive PII in claims are a leak risk; treat them as confidential even though they are not encrypted.
Pipeline
JWT inspection often chains with:
- JWK Inspector — fetch a JWKS and inspect the keys used to sign the token.
- Base64 Encoder — manually decode any of the three segments.
- Hash Generator — recompute an HMAC signature byte-for-byte.
Privacy
Tokens, secrets, and keys never leave your browser. WebCrypto runs locally; the page does not call out to any server. Read our privacy policy.
Frequently asked
- Is the signature verified?
- Decoding always works without a key — that is just Base64URL. Signature verification requires the secret (HS256) or the public key (RS256, ES256). Paste a key in the verify panel and the tool will run the check locally with WebCrypto.
- What is the difference between JWT, JWS, and JWE?
- JWS is a signed token (the common JWT layout — three Base64URL parts). JWE is encrypted — five parts, opaque payload, requires a decryption key. JWT is the umbrella term but in practice usually means JWS. This tool decodes JWS and inspects JWE structure.
- How is the algorithm chosen?
- The header field alg names it (HS256, RS256, ES256, EdDSA, etc.). HS* uses a shared secret; RS*/ES*/Ed* use asymmetric keys. Always validate alg server-side against an allowlist — never trust the value in the token.
- Why is alg: none dangerous?
- It tells a verifier to skip signature checking entirely. A library that honors it lets an attacker forge any payload. Always reject alg: none and pin to the specific algorithms your service issues.
- Are tokens stored?
- No. Decoded tokens stay in the page. Recent inputs may be saved to your browser History (IndexedDB), which never leaves your device. You can clear it from the History page.