JWT & Base64 Decoder/Verifier
JWT Decoder
+ Encoder, Verifier & Base64
Paste a token and instantly see its header, payload, and claims decoded — then verify its signature, sign your own, or convert Base64 back and forth. Everything runs on the device. No accounts, no network calls, nothing stored.
100% Offline
Tokens never leave the device. No server, no logging, no analytics.
Built for Engineers
One-tap paste, built-in examples, monospace selectable output.
Anatomy of a token
HeadereyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
PayloadeyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIn0
SignatureSflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c
Decode
Live decoding as you type. Pretty-printed JSON, readable UTC time claims, and EXPIRED / not-yet-valid badges.
Verify
Check signatures with a shared secret or PEM key. The input switches between secret and key automatically.
HS256/384/512
RS256/384/512
PS256/384/512
ES256/384/512
Sign & Generate
HMAC-sign a JWT from any JSON payload, or one-tap generate a throwaway RSA / EC key pair for a full sign-then-verify loop — all on device.
Base64 toolbox & more
- Encode / decode standard Base64 and URL-safe Base64URL, with optional padding control.
- Falls back to a hex view when decoded bytes are not valid UTF-8 text.
- Clear, specific errors for malformed tokens — raw Base64URL signature shown separately.
- Native Material Design 3, light & dark themes, localized in EN / 繁中 / 简中 / 日本語.
- An inspection and testing utility — keys you paste or generate stay on the device.
