JWT / PASETO Decoder

Decode JWTs and PASETO tokens in your browser. Inspect headers, payloads, exp/iat/sub claims, and expiry timelines without uploading secrets.

Paste JWT or PASETO (kept client-side)

Never upload secrets. This decoder runs in your browser.

Header

{
  "alg": "HS256",
  "typ": "JWT"
}

Payload

{
  "sub": "ada",
  "exp": 2033768000
}

Token type

JWT

Algorithm

HS256

Subject (sub)

ada

Expires

Mon, 12 Jun 2034 23:33:20 GMT

in 3,151 days

Status & warnings

No warnings detected.

Privacy-first decoding

Unlike hosted debuggers, Tinapps never transmits your JWTs or secrets. All parsing happens client-side, making it safe to share tokens in air-gapped or compliance-heavy environments.

Usage ideas

Drop into runbooks so oncall sees exp/iat/sub at a glance.
Hand tokens to LLM agents with links like /dev/jwt?token=....
Compare PASETO payloads while keeping encryption keys offline.