JWT & SAML Token Decoders
Jwt Decoder
Decode JWT tokens to see header, payload, and signature. Verify token validity and expiration. Free, private, works offline.
Jwt Generator
Generate JWT tokens with custom claims and expiration. Sign with HS256/HS384/HS512 algorithms. Test authentication flows. Free and private.
Saml Decoder
Decode and analyze SAML tokens, assertions, and responses. View XML structure, attributes, and signature info. Perfect for SSO debugging and integration.
Understanding JWT Tokens
JSON Web Tokens (JWT) are compact, URL-safe tokens used for authentication and information exchange. They consist of three base64-encoded parts: header, payload, and signature, separated by dots.
JWT Structure
The header identifies the token type and signing algorithm. The payload contains claims—statements about the user and additional data. The signature verifies the token hasn't been tampered with.
Common Claims
- iss: Token issuer
- sub: Subject (usually user ID)
- exp: Expiration time
- iat: Issued at time
- aud: Intended audience
SAML Tokens
SAML (Security Assertion Markup Language) uses XML-based tokens for enterprise single sign-on. Our decoder parses SAML assertions to display attributes and authentication information.