JWT 디코더 온라인 — 무료 토큰 헤더 및 페이로드 디코딩
브라우저에서 JSON Web Token을 디코딩하여 헤더와 페이로드를 확인. 서명은 검증되지 않습니다 — 디버깅 전용.
JWT를 붙여넣으세요. 헤더와 페이로드는 Base64URL에서 로컬로 디코딩되며 토큰은 페이지를 떠나지 않습니다.
일반적인 사용 사례
- 1Inspect an OAuth access token to check its expiration, audience and scopes.
- 2Debug a third-party SSO failure by reading the claims the IdP signed.
- 3Verify your app emits the JWT shape you expect before integration testing.
자주 묻는 질문
Why isn't the signature verified?+
Verification needs the issuer's public key (RS256 / ES256) or shared secret (HS256). That is an infrastructure decision — use jose / jsonwebtoken with the right key for that. This tool decodes only.
Is my token safe to paste here?+
Decoding runs entirely in your browser; the token never leaves the page. However, an ACTIVE access token still carries your identity — if it is in use, redact sensitive claims after debugging.
Why does my token decode to gibberish?+
It is probably not a JWT. Real JWTs always have three Base64URL parts separated by dots (header.payload.signature). Opaque tokens (random strings) do not decode to JSON.