JWT Decoder & Verifier
RFC 7519 / 7518 · runs entirely in your browser
iat, nbf, exp). Then paste a secret or
a PEM-encoded public key to actually verify the signature — HMAC-SHA, RSA
PKCS#1-v1.5, RSA-PSS or ECDSA, in 256 / 384 / 512 variants. Tokens, secrets and
keys are processed by the browser's native Web Crypto API and never sent
anywhere.
What gets verified
A JWT is three Base64URL segments joined by dots: header.payload.signature.
Verification recomputes the signature over header + "." + payload using the
algorithm declared in the header (alg) and the key you provide, then
compares the result against the supplied signature segment. A match means the token has not
been tampered with and was issued by someone holding the corresponding private key (or, for HMAC, the shared secret).
This page handles every standard JWT signing family:
- HS256 / HS384 / HS512 — HMAC with SHA-256 / 384 / 512 and a shared secret. Paste the raw secret string.
- RS256 / RS384 / RS512 — RSASSA-PKCS1-v1_5 with the issuer's RSA public key (PEM, SPKI: -----BEGIN PUBLIC KEY-----).
- PS256 / PS384 / PS512 — RSA-PSS with a salt length matching the hash size, again with an RSA public key in PEM SPKI.
- ES256 / ES384 / ES512 — ECDSA on P-256, P-384 and P-521 respectively. Provide the EC public key in PEM SPKI form. JWT signatures use IEEE P1363 (raw r‖s) format, which is what Web Crypto expects.
- none — recognised explicitly: a token with "alg":"none" and an empty signature segment is reported as well-formed but unauthenticated; a non-empty signature with alg=none is flagged as malformed.
Time claims
The standard registered claims for time are surfaced separately so you can scan them at a glance:
- iat — issued at, when the token was minted.
- nbf — not before, the earliest moment the token is valid.
- exp — expiry. When present, a banner counts down the remaining validity (or how long ago it expired) live.
Common use cases
- Debug an authentication problem by reading the actual claims you're sending instead of guessing.
- Confirm a token from your auth provider is signed with the key you expect — useful when rotating keys.
- Inspect a token attached to a bug report without copying it into a hosted decoder.
- Verify ID tokens in unit tests against a known public key.
Privacy
JWTs frequently contain personally identifiable information — user IDs, email
addresses, organisation IDs — and the secrets you'd use to verify them are
even more sensitive. This page does the entire round-trip locally: tokens go into
a <textarea>, signatures are computed by
crypto.subtle.verify() in your browser, results render to the DOM,
and that is the entire data flow. There is no telemetry, no error reporting, no
fetch() calls back to a server. The page itself is plain HTML and
JavaScript — view source if you want to audit it.