useprecisoDevTools

JWT & Token Decoder

Decode JSON Web Tokens, inspect claims, and check expiration.

🔒

100% Client-side

Token never leaves your browser

🔒Your token is decoded entirely in the browser - nothing is sent to any server. Bearer prefix is stripped automatically.

🔑

Paste a JWT token above to decode it

Supports standard JWT, ID tokens, access tokens, and Bearer prefixed tokens

What is a JWT? How to read this output?

JWT structure

A JWT has three base64url-encoded parts separated by dots:

  • Header - algorithm and token type
  • Payload - claims (who, when, what permissions)
  • Signature - verifies integrity (requires secret/public key)

⚠ This tool decodes but does NOT verify the signature.

Common claims

  • issIssuer - who issued the token
  • subSubject - who it identifies (user ID)
  • audAudience - intended API or client
  • expExpiration - unix timestamp
  • iatIssued at - when it was created
  • nbfNot before - earliest valid time
  • jtiJWT ID - unique token identifier
  • scope / scpOAuth scopes (permissions)
  • rolesAuthorization roles