Paste a JSON Web Token to decode and inspect its header, payload, and signature.
JWT (JSON Web Token) is a compact, URL-safe means of representing claims to be transferred between two parties. It consists of three parts separated by dots: the header (algorithm and type), the payload (claims/data), and the signature (for verification). JWTs are commonly used for authentication and authorization in modern web applications.
A JWT has three parts: Header.Payload.Signature. The header specifies the algorithm used (e.g., HS256). The payload contains the claims (standard claims include iss, sub, aud, exp, iat). The signature ensures the token hasn't been tampered with and can only be verified by the issuer.
exp (expiration time) – When the token expires. iat (issued at) – When the token was created. sub (subject) – Who the token is about. aud (audience) – Who the token is intended for.