JWT Tool

Decode JWT tokens, verify HMAC signatures, and generate HS256, HS384, or HS512 tokens in one simple page.

1. Decode JWT

Header · Payload · Signature

A JWT has three Base64URL parts separated by dots: header, payload, and signature. This decoder formats the JSON parts and shows common claims.

Algorithm

Subject

Time status

Issued at

Expires at

Signature

Not verified

Header part

Payload part

Signature part

Decoded header

Decoded payload

2. Verify Signature

HS256 · HS384 · HS512

Secret Show secret

Ready Enter the matching secret and click Verify.

3. Generate JWT

Algorithm

Secret Show secret

Header JSON

Payload JSON

The exp buttons extend the existing future exp value. If exp is missing or expired, they start from the current time.

Generated token

StarryTool Privacy Statement: At StarryTool, we highly value your privacy. All data processing on this page is performed on your device via client-side JavaScript, ensuring data security. We do not record or store any submitted or generated data. For more information about privacy practices on our website, please review our Privacy Policy.

How to use
1. Paste a JWT into the decoder to view its header, payload, signature, and common claims.
2. Enter the matching HMAC secret and click Verify to check HS256, HS384, or HS512 signatures.
3. Use Load decoded data if you want to copy the decoded header and payload into the generator.
4. Edit the Header JSON and Payload JSON, choose an algorithm, enter a secret, and click Generate JWT.

About This JWT Tool
This JWT tool is designed for quick development and debugging. It supports Base64URL JWT decoding and HMAC-based JWT signing and verification.

• Features
JWT Decoder: Decode the header and payload JSON from a JWT token and view the three token parts clearly by line.

Claims Summary: Quickly check common claims such as subject, issued-at time, expiration time, and token time status.

Signature Verification: Verify whether an HS256, HS384, or HS512 token signature matches a secret.

JWT Generator: Create a signed HMAC JWT from editable Header JSON and Payload JSON.

Load Decoded Data: Move the decoded header and payload into the generator so you can edit and generate a new token.

Quick Time Buttons: Set iat to the current Unix time or extend exp by 15 minutes, 1 hour, or 1 day.

Copy Results Quickly: Copy the token, JWT parts, or generated JWT directly from the page.

Browser-Based Processing: JWT decoding, generation, and signature verification are performed directly in your browser.

• Notes
This tool supports HMAC JWT algorithms HS256, HS384, and HS512 for generation and verification. Tokens using RSA, ECDSA, EdDSA, or other algorithms can still be decoded, but their signatures are not verified by this page.

The exp, iat, and nbf claims are Unix timestamps in seconds. The claim summary shows these timestamps as your browser's local date and time.

:wiki_link