JSON Web Token · decode · verify · sign
🔐 JWT Decoder & Builder
Decode a JWT's header & claims and verify its HS256/384/512 signature — or build and sign a fresh token from your own payload.
Header
Payload
Claims
Signature & verification
—
A JWT is three Base64URL parts (header.payload.signature) — the payload is NOT encrypted, only encoded, so never trust it without verifying the signature. HS256/384/512 can be verified and SIGNED here with the shared secret (WebCrypto); RS/ES/EdDSA need key pairs and aren't supported.