JWT Debugger
Decode, inspect and verify JSON Web Tokens - header, payload and signature.
✓Valid — expires 11/20/2286, 5:46:39 PM (in 95215d)
Algorithm
HS256
Issued At
1/18/2018, 1:30:22 AM
Expires At
11/20/2286, 5:46:39 PM
Header
{
"alg": "HS256",
"typ": "JWT"
}Payload
{
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022,
"exp": 9999999999
}Signature
SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
Verify Signature (HS256)
Decode and inspect JSON Web Tokens (JWT) right in your browser. View the header, payload and signature, check expiry claims, and verify HMAC signatures client-side.
Key Features
Token Decoding
Instantly decodes the Base64URL header and payload into formatted, readable JSON.
Claim Inspector
Highlights exp, iat and nbf claims with human-readable dates and relative time.
Expiry Badge
Clear VALID / EXPIRED / NOT YET VALID status based on the exp and nbf claims.
HMAC Verification
Verify HS256/HS384/HS512 signed tokens by entering the secret key — all in the browser.
How to Use
- 1Paste your JWT token in the input area.
- 2Header, payload and signature sections update instantly.
- 3To verify a signature, enter the HMAC secret and click Verify.