Toolbench

JWT decoder

Inspect JWT header and payload (read-only). Does not verify signatures. Use your auth stack for validation.

Read-only decoder. It does not verify signatures or prove a token is valid.

Processing runs in your browser when possible. We do not upload your files to our servers for these tools unless explicitly stated. How we handle files & data.

More in Security & utility and similar utilities.

Base64 encoder and decoderEncode or decode Base64 text for debugging APIs, tokens, and data URIs. Runs locally in your browser.
Bcrypt hash demoHash a password with bcrypt cost factors for learning. Do not use for production secret storage as-is.
Hash generator (MD5, SHA-256)Compute MD5 and SHA-256 hashes for pasted text. Useful for checksums and quick comparisons in development.
HMAC generatorCompute HMAC-SHA256 or HMAC-SHA1 for a secret and message. Debug webhooks and signed requests.
Password generatorCreate strong random passwords with length and character options. Use with your password manager.
Password strength checkerEstimate password strength with heuristic feedback and learn what makes passphrases harder to guess.

Loading tool…

Related tools

Related tools