tools / encode & decode
jwt encoder / decoder
Decode a JWT's header, payload and time claims — or encode and HMAC-sign a new token. All in the browser.
Decode-only. The signature is shown but never verified — that needs the issuer's key, which this page does not have or fetch.
Signed locally with WebCrypto HMAC — the secret never leaves this page.
token
examples