JWT Debugger

About JWT

JSON Web Tokens (JWT) are compact, URL-safe means of representing claims to be transferred between two parties. They consist of three parts separated by dots: header, payload, and signature.

Common Algorithms:

• HS256: HMAC SHA-256 (symmetric)
• HS384: HMAC SHA-384 (symmetric)
• HS512: HMAC SHA-512 (symmetric)
• RS256: RSA SHA-256 (asymmetric)
• ES256: ECDSA SHA-256 (asymmetric)

Standard Claims:

• iss (issuer): Issuer of the JWT
• sub (subject): Subject of the JWT
• aud (audience): Recipient for which JWT is intended
• exp (expiration): Expiration time
• nbf (not before): Time before which JWT must not be accepted
• iat (issued at): Time at which JWT was issued
• jti (JWT ID): Unique identifier for the JWT