UtiLive.dev

Fast, privacy-friendly developer utilities

UtiLive.dev

  • All Tools
    • JSON
    • JSON Schema Validator
    • JSONPath Runner
    • JSON <> YAML
    • JSON Escape / Unescape
    • JSON Diff
    • CSV <> JSON
    • CSV Toolkit
    • Text Diff
    • String Tools
    • Text Counter
    • Escape / Unescape
    • Slug Generator
    • Lorem Ipsum
    • List Comparer
    • List Delimiter
    • List → Array
    • List → JSON Array
    • Delimiter & Formatter
    • Code Formatter
    • HTML Formatter / Minifier
    • SQL Formatter
    • Markdown Preview
    • Markdown Exporter
    • UUID
    • UUID Inspector
    • cUID Generator
    • Random String
    • Password Generator
    • Secret Key
    • User-Agent
    • Base64 Text
    • Base64 Image
    • URL Encoder / Decoder
    • Hash (MD5/SHA*)
    • JWT Debugger
    • HMAC & AES
    • Bcrypt
    • Number Base Converter
    • Unit Converter
    • Date/Time Toolkit
    • Timestamp Converter
    • Color Tools
    • QR Code
    • Cron Parser
    • Regex Tester
    • Regex Library
    • WHOIS Lookup
    • DNS Lookup
    • Image Tools
    • Support
AboutPrivacy
© UtiLive.dev • Developer tools, dev swiss army knife

JWT Debugger

Decode and verify JSON Web Tokens locally. No data leaves your browser.

Features

  • • Token Decoding: Decode JWT headers and payloads without verification
  • • Signature Verification: Verify tokens with various key types
  • • Multiple Algorithms: Support for HS256, RS256, and ES256
  • • Key Formats: HMAC secrets, PEM keys, and JWK
  • • Local Processing: All operations happen in your browser

Supported Algorithms

HS256
HMAC with SHA-256
Symmetric
RS256
RSA with SHA-256
Asymmetric
ES256
ECDSA with SHA-256
Asymmetric

Sample JWTs

JWT Token

Verification Options

Decoded Payload

Verification Result

Provide a key to verify token.

JWT Structure

Header

  • • alg - Algorithm used
  • • typ - Token type (JWT)
  • • kid - Key ID (optional)

Payload

  • • sub - Subject
  • • exp - Expiration time
  • • iat - Issued at
  • • Custom claims

Signature

  • • Verifies token integrity
  • • Prevents tampering
  • • Algorithm-specific
  • • Base64URL encoded