🔑
Security · Identity
JWT Decoder
Decode, inspect, and verify JSON Web Tokens instantly with deep claim analysis.
Encoded Token
list_alt Claim Registry
| Claim | Description |
|---|---|
| iss | Issuer: Entity that issued the token |
| sub | Subject: The principal (user) of the token |
| aud | Audience: Intended recipients |
| exp | Expiration: Time token must no longer be accepted |
| iat | Issued At: Time token was created |
JWT Insights
Are my tokens sent to a server?
No. UtilVox decodes all JWTs locally in your browser. Your sensitive tokens and keys never leave your device.
Why does it say 'Invalid Signature'?
To verify a signature, you must provide the correct Secret or Public Key. Without it, the decoder can only show you the Header and Payload contents.
What do the colors mean?
Following the JWT standard: RED represents the Header (algorithm/type), PURPLE represents the Payload (data/claims), and BLUE represents the Signature.