About

JSON Web Tokens (JWTs) are a compact, URL-safe way to represent claims between two parties. They are widely used for authentication and information exchange in web applications.

A JWT consists of three parts separated by dots: header.payload.signature. This tool decodes all three parts and helps you verify the signature against a secret or public key.

API access

This tool is powered by a free API. See /jwt-docs for endpoints. Curl example:

curl -X POST https://forge-node.tail2b516d.ts.net/jwt/decode \ -H "Content-Type: application/json" \ -d '{"token": "eyJhbGciOi..."}'

Privacy

Your tokens, secrets, and keys are processed in-memory and never logged or stored. All requests are over HTTPS via Tailscale Funnel.

Security note

Never paste production secrets or live tokens into any web tool, including this one. Use a local copy of this tool or a CLI for sensitive data. The source for this API is open and self-hostable.