JWT Decoder | Shining Toolbox

Decode and inspect JSON Web Tokens (JWT) online. View header, payload, and signature. Free JWT parser for developers.

JWT Decoder

Decode and inspect JSON Web Tokens (JWT)

Common JWT Claims

iss: Issuer - who created the token

sub: Subject - who the token is about

aud: Audience - who the token is for

exp: Expiration - when the token expires

iat: Issued At - when the token was created

nbf: Not Before - when the token becomes valid

About JWT Decoder

How to Use the JWT Decoder

  1. Paste your JWT - Copy the complete token including all three parts
  2. Click Decode - The tool parses and displays each section
  3. Inspect the payload - View claims, timestamps, and custom data
  4. Check validity - See if the token is expired or not yet valid

JWT Structure Explained

Header (Red)

{
  "alg": "HS256",
  "typ": "JWT"
}

Contains metadata about the token type and signing algorithm.

Payload (Purple)

{
  "sub": "1234567890",
  "name": "John Doe",
  "iat": 1516239022,
  "exp": 1516325422
}

Contains the claims - statements about the user and additional data.

Signature (Cyan)

Created by signing the encoded header and payload with a secret key.

Standard JWT Claims

Claim  Name        Description
iss    Issuer      Who issued the token
sub    Subject     Who the token identifies
aud    Audience    Who the token is for
exp    Expiration  When the token expires
nbf    Not Before  When the token becomes valid
iat    Issued At   When the token was created
jti    JWT ID      Unique identifier for the token

Common Use Cases

  • API Authentication: Verify user identity in REST APIs
  • Single Sign-On (SSO): Share authentication across services
  • Information Exchange: Securely transmit data between parties
  • Debugging: Inspect token contents during development

Security Notes

  • ⚠️ JWTs are not encrypted - The payload is only Base64url encoded, so anyone holding the token can read it
  • ⚠️ Never put sensitive data in JWT payloads
  • ⚠️ Always verify signatures on the server side
  • ⚠️ Check expiration before trusting token claims
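
The difference between decoding and verifying that these notes rely on, as an added Node.js example (not the Shining Toolbox code): `decodeJwt` reads the header and payload with no key, while `verifyHs256` pins the algorithm, checks the HMAC in constant time, then applies `exp` and `nbf`. The function names, the secret and the sample token (built from the example header and payload above) are constructed for illustration.

```javascript
const crypto = require('node:crypto');

const b64url = (data) => Buffer.from(data).toString('base64url');
const fromB64url = (s) => Buffer.from(s, 'base64url');

// Decoding needs no key: this is all a decoder does, and all anyone needs to read the payload.
function decodeJwt(token) {
  const parts = String(token).split('.');
  if (parts.length !== 3) throw new Error('expected header.payload.signature');
  const [header, payload] = parts.slice(0, 2).map((p) => JSON.parse(fromB64url(p).toString('utf8')));
  if (header === null || payload === null || typeof header !== 'object' || typeof payload !== 'object')
    throw new Error('header and payload must be JSON objects');
  return { header, payload, signingInput: `${parts[0]}.${parts[1]}`, signature: fromB64url(parts[2]) };
}

// Server-side check: pin the algorithm, recompute the HMAC, compare in constant time, then check time claims.
function verifyHs256(token, secret, nowSec = Math.floor(Date.now() / 1000)) {
  let jwt;
  try { jwt = decodeJwt(token); } catch (e) { return { ok: false, reason: 'malformed' }; }
  if (jwt.header.alg !== 'HS256') return { ok: false, reason: 'unexpected alg' };
  const expected = crypto.createHmac('sha256', secret).update(jwt.signingInput).digest();
  if (expected.length !== jwt.signature.length || !crypto.timingSafeEqual(expected, jwt.signature))
    return { ok: false, reason: 'bad signature' };
  const { exp, nbf } = jwt.payload;
  if (typeof exp === 'number' && nowSec >= exp) return { ok: false, reason: 'expired' };
  if (typeof nbf === 'number' && nowSec < nbf) return { ok: false, reason: 'not yet valid' };
  return { ok: true, payload: jwt.payload };
}

// Helper used only to build the constructed sample token below.
function signHs256(header, payload, secret) {
  const input = `${b64url(JSON.stringify(header))}.${b64url(JSON.stringify(payload))}`;
  return `${input}.${b64url(crypto.createHmac('sha256', secret).update(input).digest())}`;
}

const SECRET = 'constructed-demo-secret'; // made-up value, not a real key
const sampleToken = signHs256(
  { alg: 'HS256', typ: 'JWT' },
  { sub: '1234567890', name: 'John Doe', iat: 1516239022, exp: 1516325422 },
  SECRET);
console.log(decodeJwt(sampleToken).payload);               // readable without the secret
console.log(verifyHs256(sampleToken, SECRET, 1516239100)); // valid inside the iat..exp window
console.log(verifyHs256(sampleToken, SECRET));             // evaluated now: expired
```
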
