JWT Decode & Encode

Decode, build, and sign JSON Web Tokens (HS256/RS256/ES256). This tool does both decode and encode on one page — pick a mode, paste your data, and click. Everything runs on your device, nothing is sent to a server.

The result will appear here…
or press Ctrl+Enter

Everything runs in your browser. Your data is never sent to our servers.

728 × 90Ad Space AvailablePlace your ad here

Example

Example Input

eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM…

Example Output

Header + Payload (JSON)

How to Use

  1. 1Choose Decode or Encode mode at the top.
  2. 2Fill the Input field and, if required, complete the fields in "More settings" (key/password).
  3. 3Click the button (or press Ctrl+Enter) to process.
  4. 4Copy the result with the Copy button.

About JWT

A JSON Web Token (JWT) is a compact token carrying claims (data) between two parties, widely used for API authentication and authorization. Its structure is three parts: header.payload.signature (Base64URL).

Decode mode shows the header and payload without verifying the signature — useful for quick inspection. Encode mode builds and signs a JWT from your JSON payload with the chosen algorithm.

For HS256, fill the HMAC secret. For RS256/ES256, paste a PEM private key. To VERIFY a token signature, use the JWT Verifier tool. Everything runs in the browser — sensitive tokens are not sent anywhere.

FAQ

Are my data or keys sent to a server?

No. JWT runs entirely in your browser using the Web Crypto API and client-side libraries. Your data, passwords, and keys never leave your device.

Related Tools

Related Categories