A JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. JWTs are often used for authentication and information exchange in web applications.

A JWT token consists of three parts separated by dots (.):

• Header: Contains the type of token and the signing algorithm being used

• Payload: Contains the claims (data) that the token is carrying

• Signature: Used to verify that the sender of the JWT is who it says it is and to ensure the message wasn't changed

No, this tool only decodes JWT tokens to view their content. Signature verification requires the secret key or public key (depending on the algorithm) that was used to sign the token, which only the issuer should have. This tool focuses on displaying the token's content for debugging purposes.

Yes, this tool processes all JWT tokens entirely within your browser. Your tokens never leave your device and aren't sent to any server. When you close or refresh the page, all data is completely cleared.

Common JWT claims include:

• iss (Issuer): Who issued the token

• sub (Subject): Who the token refers to

• exp (Expiration Time): When the token expires

• iat (Issued At): When the token was issued

• aud (Audience): Who the token is intended for

• nbf (Not Before): Time before which the token is not valid

Additionally, tokens often contain custom claims specific to the application.