JWT Decoder
Your token never leaves your device — decoding happens entirely in your browser.
What this tool does
Splits a JSON Web Token into its header and payload, pretty-prints both, names the algorithm and turns the time claims (issued-at, not-before, expiry) into readable UTC dates — with an expiry verdict. Large numeric claims like snowflake ids come out digit-for-digit: decoders built on JSON.parse silently round anything past 2⁵³.
Two things most JWT sites get wrong
First: a token is a credential. Pasting it into a site that uploads it to a server hands your session to a stranger — this page is static, works with the network disconnected, and our automated tests verify that on every release. Second: decoding is not verification. This tool never checks the signature and says so on every result; anyone can mint a token that decodes beautifully.