JWT Decoder
Decode JWT header and payload, check expiration, and inspect claims — 100% private in your browser.
JWT Token
Decode-only — no signature verification. Tokens are processed locally; nothing is uploaded. Avoid pasting live production credentials on any website.
Related tools
FAQ
Does this JWT decoder verify signatures?
No. It only decodes the header and payload for inspection. Never paste production secrets into untrusted online tools — FormatList runs 100% in your browser with no server upload.
What JWT fields can I inspect?
Standard claims like sub, iss, aud, exp, iat, and any custom claims in the payload. Expiration is shown as ISO time with an expired/active indicator.
Is my token sent to a server?
No. Decoding uses JavaScript in your browser only. Your JWT never leaves your device.