LLM API JWT Token Debugger

Decode your LLM API auth tokens → see payload, expiry, and scopes. Your token never leaves the browser — essential for secure AI development.

How to Decode a JWT Token

A JWT (JSON Web Token) has three Base64URL-encoded parts separated by dots: the header (algorithm and token type), the payload (claims/data), and the signature. You can decode the header and payload without the secret key — only verifying the signature requires it. This tool decodes the first two parts instantly.

Is jwt.io Safe to Paste Your Token?

jwt.io is owned by Auth0, which is owned by Okta — a major identity SaaS company. While they process decoding client-side, pasting real production tokens containing user IDs, roles, and expiry data into a tool owned by an enterprise identity company carries risk, especially for regulated industries. This tool has no company behind it and runs entirely in static JavaScript — verifiable by viewing the source.

JWT Algorithm Reference

HS256 (HMAC-SHA256) — Symmetric. Same secret used to sign and verify. Only suitable when both parties trust each other (e.g., internal microservices).

RS256 (RSA-SHA256) — Asymmetric. Private key signs, public key verifies. The standard for third-party authentication (OAuth, OIDC).

ES256 (ECDSA-SHA256) — Asymmetric, shorter keys than RSA. Used by Apple Sign-in, newer OIDC providers.

What "exp" Means and Why Clocks Matter

The exp claim is a Unix timestamp (seconds since epoch). If the current time exceeds this number, the token is expired. Time zone doesn't matter — Unix time is always UTC. This tool shows the exact expiry as a human-readable datetime and a countdown ("expires in 2h 14m").

Frequently Asked Questions

Can I decode a JWT without the secret key?

Yes. The header and payload of a JWT are only Base64URL-encoded, not encrypted — any tool can decode them. Only verifying the signature requires the secret key (HS256) or the public key (RS256/ES256).

Is it safe to paste my JWT token here?

This tool runs 100% in your browser. Your token is never sent to any server, logged, or stored. You can verify this by checking the browser's Network tab — no requests are made when you decode.

What does "JWT expired" mean?

The token's exp (expiry) claim contains a Unix timestamp. When the current time exceeds that timestamp, the token is considered expired and should be rejected by the server. You need to re-authenticate to get a fresh token.

What is the difference between HS256 and RS256?

HS256 uses a single shared secret for both signing and verifying (symmetric). RS256 uses a private key to sign and a public key to verify (asymmetric). RS256 is required for public-facing APIs because the verification key can be published without compromising security.

Why does the signature show as "unverified"?

Verifying the signature requires the secret key (HS256) or public key (RS256/ES256). This tool deliberately does not ask for your secret key — it only decodes the header and payload. To verify the signature, use your backend library with the appropriate key.