What is a JWT Token?

A JWT (JSON Web Token) is a compact, URL-safe token format used to securely transmit information between parties. It is widely used for authentication in modern web applications, REST APIs, and microservices built with ASP.NET Core, Node.js, and other frameworks.

JWT Structure

A JWT consists of three Base64URL-encoded parts separated by dots (.):

• Header — specifies the token type (JWT) and the signing algorithm (e.g., HS256, RS256)
• Payload — contains claims such as sub (subject), iat (issued at), exp (expiry), and any custom data
• Signature — verifies the token has not been tampered with (requires the secret key to validate)

How to Use This JWT Decoder

Paste any JWT token into the input box and click Decode. This tool decodes the header and payload without verifying the signature — useful for inspecting token contents, checking expiry, and debugging authentication issues.

Common JWT Claims

• exp — Expiration time (Unix timestamp)
• iat — Issued at time
• sub — Subject (usually user ID)
• iss — Issuer
• aud — Audience