JWT Decoder

Paste a JWT token to decode it. The tool extracts and displays the header (algorithm, type), payload (claims, expiration, subject), and signature. It does not verify the signature — this is a decoding tool for debugging, not a security validator.

Token

Get an API key to automate this

Result

What this tool checks

Header decoding (algorithm, type)
Payload extraction with all claims
Expiration and issued-at timestamp display
Base64url decoding of each segment

Automate this with the API

Run this tool programmatically from your code. Get a free temporary API key with 200 requests — or register for unlimited access.

                    curl https://apixies.io/api/v1/decode-jwt?token=... \
  -H "X-API-Key: YOUR_API_KEY"
                

Get Temporary API Key View API Documentation →

Frequently asked questions

Is it safe to paste my JWT here?

The decoding happens via an API call. Don't paste production tokens with sensitive claims unless you trust the service. For sensitive tokens, decode them locally using your language's JWT library. JWTs are encoded (base64), not encrypted — anyone with the token can read the payload.

Does this verify the JWT signature?

No. This tool decodes the token to show its contents. Signature verification requires the secret key or public key, which you wouldn't want to share with an online tool.

Explore more tools

View all 34 tools →