About JWT
JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature structure or as the plaintext of a JSON Web Encryption structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code and/or encrypted.
Is This Tool Safe?
Yes, 100% safe. This tool works Client-Side. Tokens you enter are not sent to our servers; they are decoded using JavaScript in your browser. You can safely test your private data.
JWT Structure
A JWT typically looks like `xxxxx.yyyyy.zzzzz` and consists of three parts:
- Header: Typically consists of two parts: the type of the token, which is JWT, and the signing algorithm being used, such as HMAC SHA256 or RSA.
- Payload: The second part of the token is the payload, which contains the claims. Claims are statements about an entity (typically, the user) and additional data.
- Signature: To create the signature part you have to take the encoded header, the encoded payload, a secret, the algorithm specified in the header, and sign that.