sandboxmax

Bearer Token JWT Decoder

Decodes a standard authentication bearer token into its header and payload claims — a "Bearer " prefix pasted straight from an Authorization header is stripped automatically. Decoding happens locally with native browser Base64; the signature is displayed but never verified or transmitted.

runs 100% in your browser — safe to paste real tokens

  1. 1Paste your tokenDrop a JWT — or a full Authorization header; the "Bearer " prefix is stripped automatically.
  2. 2Read the decoded claimsHeader and payload appear instantly as color-coded JSON. Nothing is uploaded or verified remotely.
  3. 3Simulate session deathWatch the live expiry countdown, then fast-forward time to see the token die on schedule.
headerpayloadsignature

Decoded locally with your browser’s native Base64 — the token never leaves this tab. The signature is displayed, never verified: this is a debugger, not a validator.

Session expiry timeline

Fast-forward time
+0m

Header— algorithm & type

Payload— claims

More JWT tools