Explain JWT
Decode a JWT and annotate every claim with a human-readable explanation and validity status.
$jwt token
0 chars1 lines
Invalid JWT: expected 3 parts separated by dots.
Related Tools
FAQ
- What is the difference between exp and nbf?
- exp (Expiration Time) is the Unix timestamp after which the token must be rejected. nbf (Not Before) is the Unix timestamp before which the token must not be accepted. Together they define the valid time window for the token.
- Does this tool verify the JWT signature?
- No. Signature verification requires the secret key or public key from the issuer, which is a server-side operation. This tool only decodes and annotates the Base64-encoded header and payload segments.
- What are custom claims?
- Any claim key that is not in the IANA JSON Web Token Claims registry is a custom (application-specific) claim. Common examples include roles, email, name, permissions, and tenant_id. Custom claims are labelled with a [custom] badge.
Explain JWT decodes a JSON Web Token and presents each claim with its standard meaning: iss (Issuer), sub (Subject), exp (Expiration), iat (Issued At), aud (Audience), nbf (Not Before), jti (JWT ID), and others. Timestamp fields are converted to human-readable dates. A timeline shows the issued→now→expires progression, and a status badge indicates whether the token is currently valid, expired, or not yet active.