JWT Tool
Decode and build JSON Web Tokens (JWT) with HMAC signing
About JWT
JSON Web Tokens (JWT) are an open standard (RFC 7519) for securely transmitting information between parties as a JSON object.
Structure:
- Header: Contains token type and signing algorithm
- Payload: Contains the claims (statements about an entity)
- Signature: Verifies the token hasn't been tampered with
Common Claims:
- iss: Issuer of the token
- sub: Subject (user identifier)
- aud: Audience (intended recipient)
- exp: Expiration time
- iat: Issued at time
- nbf: Not valid before time
Security Notice
This tool decodes JWTs for inspection purposes only. It does not verify the token's signature or validate its authenticity. Never trust decoded data from untrusted sources without proper server-side verification. All decoding happens locally in your browser.