JWT 디코더
JWT 헤더와 페이로드를 브라우저 안에서 안전하게 확인합니다.
브라우저에서만 처리무료회원가입 없음
Header
alg: "HS256"
typ: "JWT"
Payload
sub: "1234567890"
name: "John Doe"
iat: 1516239022(1/18/2018, 1:30:22 AM)
Signature
SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c서명 검증은 서버 사이드에서만 가능 (HMAC 키 또는 RSA 공개키 필요).
How to use this tool well
Use this decoder to inspect JWT headers and payload claims before debugging authentication, expiry, audience, issuer, or role problems.
- Paste the token and compare exp, iat, aud, iss, and role claims against the application you are testing.
- Do not treat decoded text as proof that a token is valid; signature verification still belongs in your backend.
- If the payload looks wrong, regenerate the token from the identity provider instead of editing claims by hand.