How to Decode JWT Tokens

JSON Web Tokens (JWTs) are a compact, URL-safe means of representing claims between two parties. This guide explains how to decode and understand JWT tokens.

What is a JWT?

A JWT consists of three parts separated by dots (.):

• Header: Contains the token type and signing algorithm
• Payload: Contains the claims (data)
• Signature: Ensures the token hasn't been tampered with

How to Decode

1. Copy your JWT token
2. Use our JWT Decoder tool
3. Paste the token and click "Decode JWT"
4. View the decoded header and payload

Understanding the Payload

Common JWT claims include:

• iss (issuer): Who created the token
• sub (subject): Who the token is about
• exp (expiration): When the token expires
• iat (issued at): When the token was created

Security Note

Decoding a JWT does NOT verify its signature. Always verify JWTs on the server side before trusting their contents.