CodeKitt
JWT Decoder
Paste a JSON Web Token to decode it and view its header and payload.
About the JWT Decoder

A JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. This tool allows you to decode a JWT and view its contents without needing to verify its signature.

Structure of a JWT

A JWT consists of three parts separated by dots (`.`):

  • Header: Typically consists of two parts: the token type (`JWT`) and the signing algorithm being used, such as HMAC SHA256 or RSA. This part is Base64Url encoded.
  • Payload: Contains the claims. Claims are statements about an entity (typically, the user) and additional data. This part is also Base64Url encoded.
  • Signature: To create the signature part you have to take the encoded header, the encoded payload, a secret, the algorithm specified in the header, and sign that.

How It Works

This decoder takes a JWT string, splits it into its three parts, and applies Base64 decoding to the header and payload sections. This allows you to easily inspect the claims and metadata within the token. Important: This tool does not validate the signature.