JWT Online Decode/Encrypt

How to decode a JWT token?

Four simple steps:

1. Paste your JWT token in the left code area,
2. Click the "Decode" button to decrypt the JWT token,
3. The Header and Payload data will be displayed in the corresponding right-side areas.
4. You can enter a public key or secret key and click the "Verify" button to validate the JWT signature.
   

How to encode a JWT token?

1. Enter the JWT header, payload keys, or secret in the right-side area,
2. Click the "Encode" button to generate the JWT token,
3. The JWT token will be displayed in the left code area.
4. You can click the "Copy" button to copy it.

Note:JWT tokens are not uploaded to the server; all encryption and decryption operations are performed on the client side.

What is JWT?

JWT stands for JSON Web Tokens, the most popular cross-domain authentication solution. It is an open standard (RFC 7519) used for securely transmitting information between parties in the form of a JSON object. A JWT token consists of three basic parts: Header, Payload, and Signature. The Header section includes the JWT type and the signing algorithm used. For example, a JWT header using the HMAC SHA256 algorithm might look like this:

{
"alg": "HS256",
"typ": "JWT"
}

"alg" is the encryption algorithm. This header is then Base64Url-encoded to form the first part of the JWT. The Payload is used to store the actual data to be transmitted. The official JWT specification defines seven optional fields:

1. iss: Issuer
2. sub: Subject
3. aud: Audience
4. exp: Expiration time
5. nbf: Not Before (Effective time)
6. iat: Issued At
7. jti: JWT ID

The Signature part is a signature of the Header and Payload, used to verify the authenticity and integrity of the JWT. The signature generation process includes using the specified signing algorithm and secret key to encrypt the Header and Payload; this signature is then appended to the end of the JWT to ensure it is not tampered with during transmission.