JWT Debugger
Decode and inspect JWT tokens instantly. View header, payload, claims, expiry & algorithm. 100% client-side.
Free JWT Debugger — Decode & Inspect JSON Web Tokens
Toolify's JWT Debugger decodes any JSON Web Token and displays the header, payload, claims, algorithm, and expiry date — all in your browser with no data sent to any server. Paste a JWT token to instantly see its contents in a readable format.
The tool highlights whether the token is expired or still valid, converts Unix timestamps to human-readable dates, and color-codes the three token sections (header, payload, signature).
Frequently Asked Questions
What is a JWT token?
JSON Web Token (JWT) is a compact, URL-safe format for representing claims between parties. It consists of three Base64URL-encoded parts separated by dots: a header (algorithm & type), a payload (claims/data), and a signature.
Is it safe to paste my JWT here?
Yes. The debugger runs 100% in your browser — your token is never sent to any server. However, be careful about sharing JWTs in general, as they grant access until they expire.
Can this tool verify the JWT signature?
You can inspect the signature data, but full verification requires your secret or public key. The tool displays the signature algorithm and allows you to confirm expiry dates and claims.
What is the 'exp' claim in a JWT?
The 'exp' (expiration) claim specifies when the token expires, as a Unix timestamp (seconds since January 1, 1970). The debugger converts this to a human-readable date and shows whether the token is still valid.
What JWT algorithms are supported?
The tool supports decoding JWTs signed with HS256, HS384, HS512, RS256, RS384, RS512, ES256, and more.