encoding/jwt_decode

Decode a JWT's header and payload without verifying its signature.

Free / no pricing configured

What it does

Decodes the header and payload claims of a JSON Web Token and reports whether a signature segment is present.

Primary use cases

Inspecting a token's claims (issuer, expiry, subject, scopes).
Debugging auth flows by reading what a token contains.

Good to know

This decodes only; it does NOT verify the signature (that requires the issuer's key), so verified is always false. Never trust an unverified token for authorization decisions. Computed locally.

Parameters

tokenstringrequired

The JWT string to decode.