Q
QuickTools
Developer4 min readFeb 2026

How to Decode & Debug JWT Tokens (Developer Guide 2026)

Learn how to decode JWT tokens, inspect claims, check expiry, and debug authentication issues. Free online decoder.

What is a JWT Token?

JSON Web Tokens (JWT) are the standard for authentication in modern web apps. A JWT has three Base64-encoded parts separated by dots:

header.payload.signature

Example:

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c

How to Decode a JWT

Using Our Free Tool

  • Open our JWT Decoder

  • Paste your JWT token

  • Instantly see the decoded header and payload

    • What's Inside a JWT

    Header:

    {
      "alg": "HS256",
      "typ": "JWT"
    }

    Payload (Claims):

    {
      "sub": "1234567890",
      "name": "John Doe",
      "iat": 1516239022,
      "exp": 1516242622,
      "role": "admin"
    }

    Common JWT Claims

    ClaimFull NameDescription
    |-------|-----------|-------------|
    subSubjectUser ID
    iatIssued AtWhen token was created
    expExpirationWhen token expires
    issIssuerWho created the token
    audAudienceWho the token is for
    roleRoleUser permissions

    Debugging Common JWT Issues

    Token Expired


    Check the exp claim — it's a Unix timestamp. Compare with current time.

    Invalid Signature


    The signature uses the server's secret key. You can't verify it client-side, but you can check the algorithm in the header.

    Wrong Claims


    Decode the payload to verify the sub, role, and other claims match expectations.

    Security Best Practices

  • Never store JWTs in localStorage — use httpOnly cookies

  • Always check expiry server-side

  • Use short expiry times (15-30 minutes)

  • Implement refresh tokens for long sessions

  • Never put sensitive data in the payload (it's only encoded, not encrypted)

    • Decode a JWT token now →

    Try This Tool for Free

    No signup required. Works directly in your browser.

    Open Developer Tool →

    More Articles

    QR Codes

    How to Create a QR Code for Free in 2026 (Complete Guide)

    Images

    How to Compress Images Without Losing Quality (2026)

    Developer

    How to Format & Validate JSON Online (Developer Guide)

    Security

    How to Create a Strong Password in 2026 (Security Guide)