JWT Inspector & Debugger

JWT Token Input

Enter the complete JWT token including header, payload, and signature parts separated by dots.
Required for HMAC signature verification (HS256, HS384, HS512). Leave empty to skip verification.

About JWT Inspector

Decode and analyze JSON Web Tokens (JWT) with comprehensive inspection capabilities.

Key Features:
  • Decode JWT header, payload, and signature
  • Verify HMAC signatures (HS256, HS384, HS512)
  • Check token expiration status
  • Extract and display standard JWT claims
  • Offline processing - no data sent to external services
Supported Algorithms:
  • HS256: HMAC using SHA-256
  • HS384: HMAC using SHA-384
  • HS512: HMAC using SHA-512
  • None: No signature verification
Standard Claims:
  • iss: Issuer - who created the token
  • sub: Subject - who the token is about
  • aud: Audience - who the token is intended for
  • exp: Expiration time - when the token expires
  • iat: Issued at - when the token was created
  • nbf: Not before - when the token becomes valid
How to Use:
  1. Paste your JWT token in the text area
  2. Optionally provide the secret key for signature verification
  3. Click "Decode & Inspect" to analyze the token
  4. Review the decoded header, payload, and verification results
Security: All processing is done locally. Your tokens and secrets are not transmitted to any external services.
Note: This tool is for development and debugging purposes. Never use production secrets in untrusted environments.