JWT Decoder

JSON Web Tokens are an open standard (RFC 7519) for securely transmitting information between parties as a JSON object. JWTs consist of three parts:

• Header: Contains metadata about the token (algorithm, type)
• Payload: Contains claims (statements about the user and additional data)
• Signature: Ensures the token hasn't been tampered with

Common Claims:

• iss: Issuer of the token
• sub: Subject (usually user ID)
• aud: Audience (intended recipient)
• exp: Expiration time (Unix timestamp)
• iat: Issued at (Unix timestamp)
• nbf: Not valid before (Unix timestamp)

Security Note: JWTs are signed, not encrypted. Don't include sensitive information in the payload unless encrypted separately. All decoding is performed locally in your browser.