JWT Encoder & Decoder

Create signed JSON Web Tokens or decode existing ones to inspect claims.
Secure client-side processing for developers.

Payload (JSON)

Secret / Private Key

Create signed JWT tokens with custom payload

Signed Token

Resulting token will appear here...

Sign & Verify

Generate valid, signed tokens (HS256) for testing API authentication flows.

Inspect Claims

Decode headers and payloads to debug token contents. formatted JSON output.

Local Processing

Your secrets and tokens never leave your browser. Zero server-side transmission.

What is a JWT?

JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. This information can be verified and trusted because it is digitally signed.

Structure of a JWT

Header: Algorithm & token type (e.g., HS256, JWT)
Payload: Data/Claims (e.g., user ID, expiry, roles)
Signature: Verification hash to ensure integrity

Common Claims

iss

Issuer - Who created the token

sub

Subject - Whom the token refers to

aud

Audience - Who is the intended recipient

exp

Expiration Time - When the token dies

iat

Issued At - When the token was created