Decodificatore JWT Gratis
Incolla un JSON Web Token per decodificare header e payload. Questo strumento NON verifica le firme.
Come Funziona
Paste a JWT (JSON Web Token) and the tool decodes the header and payload sections, displaying them as formatted JSON. See the algorithm, expiration time, issuer, and all custom claims without needing a secret key.
Quando Usarlo
- API debugging — inspect JWT tokens returned by authentication endpoints to verify claims and expiration times.
- Security auditing — check which algorithm a token uses and whether sensitive data is exposed in the payload.
- Development testing — decode tokens during OAuth/OIDC integration to verify the correct scopes and user data are included.
Domande Frequenti
Can it verify the signature?
No. Signature verification requires the secret key or public key, which should never be entered in a browser tool. This tool only decodes the header and payload.
Is it safe to paste tokens here?
Yes. All processing happens in your browser. No tokens are sent to any server. However, avoid pasting production tokens on shared or public computers.
What parts of a JWT are decoded?
A JWT has three parts: header (algorithm and type), payload (claims like sub, exp, iat), and signature. This tool decodes the first two. The signature is shown as-is.
Automatizza il tuo business con SARA Assistente AI
Prova SOLO SARA — Assistente AI per freelancer a soli 9.90/meseTutta la decodifica avviene nel browser. Nessun dato lascia il dispositivo.
Questi strumenti sono gratis per sempre. SARA fa il passo in più.
SARA è la tua assistente AI su WhatsApp: risponde ai clienti, prende prenotazioni, fa follow-up — 24/7, in automatico. Provala gratis per 14 giorni.
Inizia la prova gratuita di 14 giorni →