JSON Web Token (JWT) Decoder

Using this tool, you can decode and validate JSON Web Tokens (JWTs) issued by IdentityServer or another token issuer.

A JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. It is commonly used for authentication and information exchange in web applications. A JWT consists of three parts: a header, a payload, and a signature, separated by dots.

For more details, see RFC 7519.

This tool does not send JWTs to any server, it only decodes the JWT locally in your browser.
Always be cautious when pasting JWTs, as they may contain credentials or sensitive information.
To validate how this page decodes and validates JWTs, you can inspect the source code of this page.

Encoded JWT

eyJhbGciOiJSUzI1NiIsImtpZCI6IkY1QzQ3REZCQjlCMUZEMDNFNjIxMDdERDc1RUJGNUMzIiwidHlwIjoiYXQrand0In0.eyJpc3MiOiJodHRwczovL2RlbW8uZHVlbmRlc29mdHdhcmUuY29tIiwibmJmIjoxNzU5NjY3Njk1LCJpYXQiOjE3NTk2Njc2OTUsImV4cCI6MTc1OTY3MTI5NSwiYXVkIjoiYXBpIiwic2NvcGUiOlsiYXBpIl0sImNsaWVudF9pZCI6Im0ybSIsImp0aSI6IjM0MDBFRDYzOENCQTA5RThGRTYyODcyQ0U5RDZEOUE2In0.XOEi0AyWoepMeyv_uoMAEpbYm8BaXktb_ax3cXxjRVggh8TuAQqVaa8WqMu76kYsYlJTsJPyGOp66YEAXGEiBl789lz9o9GEaaCP2rxLJe5KWEyD0_ukC1y9fibksMxF0uuViFDM7eOygnaRunTq5nlo8gSMP5c0eWWvOs_gbcK-NQGMQfOGpBqfvNfnKAnM_VvqU9C1oCn7embB7Kt2KJZPGZDbvSmMqnVlgMD1ouOHjFz_mAKdP5EoZvKlORBbhjElceqE3Q9JwRbctwKfMu2Ciii5mSDD_5VxgAS4NLYgL1VzCcQfgsbDRr7jb7MYDY2KLpFkmIsVs4089QePlA
Optionally, you can provide the issuer, discovery document or JWKs URI to validate the JWT's signature. If you leave this field empty, the tool will use the value of the 'iss' claim.

Decoded JWT

Header

 

Payload

 

Signature

 
This JWT has a valid signature.
This JWT has an invalid signature.
Signature validation failed.