JWT Decoder

Security

Decode and inspect JWT tokens without verification. Check expiry and claims.

Import

import { jwt } from 'toolmetry';

API Reference

Function	Parameters	Returns	Description
`jwt.decode`	`token: string`	`{ header, payload, signature }`	Decode a JWT into its parts
`jwt.decodeHeader`	`token: string`	`object`	Decode only the header
`jwt.decodePayload`	`token: string`	`object`	Decode only the payload
`jwt.isExpired`	`token: string, graceSeconds?: number`	`boolean`	Check if a JWT is expired
`jwt.isValidFormat`	`token: string`	`boolean`	Validate JWT format
`jwt.getAlgorithm`	`token: string`	`string \| null`	Get the algorithm from JWT header
`jwt.timeUntilExpiry`	`token: string`	`number \| null`	Seconds until JWT expires

Examples

Decode a JWT

import { jwt } from 'toolmetry';

const token = 'eyJhbGciOiJIUzI1NiIs...';

const { header, payload, signature } = jwt.decode(token);
// header: { alg: "HS256", typ: "JWT" }
// payload: { sub: "1234567890", name: "John", ... }

Check Expiry

import { jwt } from 'toolmetry';

const expired = jwt.isExpired(token); // true/false
const timeLeft = jwt.timeUntilExpiry(token); // seconds or null

Get Algorithm

import { jwt } from 'toolmetry';

const algo = jwt.getAlgorithm(token);
// "HS256"

Try It Live

Input

Hash Generator

UUID Generator