JWT 解码器
解码和检查 JSON Web Token。查看 header、payload 和签名详情。
功能特点
即时解码
在浏览器中即时解码 JWT 令牌
过期检查
自动检测令牌是否已过期
100% 私密
所有处理在本地进行,不发送数据到服务器
一键复制
一键复制 header、payload 或签名
Understanding JWT Structure
Header
Contains metadata about the token including the signing algorithm (alg) and token type (typ). Common algorithms include HS256, RS256, and ES256.
Payload
Contains the claims - statements about the user and additional data. Standard claims include iss (issuer), sub (subject), exp (expiration), iat (issued at), and aud (audience).
Signature
Created by signing the encoded header and payload with a secret key. Used to verify the token hasn't been tampered with. Note: This tool decodes but does not verify signatures.
使用方法
- Paste your JWT token in the input field
- Click "Decode" or press Enter to decode the token
- View the decoded header, payload, and signature
- Check expiration status and other claims
- Copy any section to your clipboard
常见问题
What is a JWT (JSON Web Token)?
JWT is a compact, URL-safe way to represent claims between two parties. It's commonly used for authentication and information exchange in web applications.
Is my token secure when using this tool?
Yes, all decoding happens locally in your browser. Your token is never sent to any server. However, never share your tokens publicly as they may contain sensitive information.
Does this tool verify JWT signatures?
No, this tool only decodes the token to display its contents. Signature verification requires the secret key or public key, which should be done server-side.