JWT Decoder
Decode any JWT: view header and payload, inspect claims, and check whether the signing algorithm is safe against quantum computers.
How this works
JWT tokens are three base64url-encoded segments separated by dots. The header and payload are plain JSON — no key needed to read them. Only the signature requires a key to verify. All decoding runs in your browser: nothing is sent to any server.