CINXE.COM
JSON Web Tokens - jwt.io
<!DOCTYPE html><html lang="en"><head><title>JSON Web Tokens - jwt.io</title><meta charset="utf-8"><meta http-equiv="X-UA-Compatible" content="IE=edge"><meta name="viewport" content="width=device-width, minimum-scale=1.0, maximum-scale=1.0"><meta name="author" content="auth0.com"><meta name="description" content="JSON Web Token (JWT) is a compact URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is digitally signed using JSON Web Signature (JWS)."><link rel="canonical" href="https://jwt.io"><script type="application/ld+json">[{ "@context": "http://www.schema.org", "@type": "WebSite", "name": "JSON Web Tokens - jwt.io", "url": "https://jwt.io", "description": "Decode, verify and generate JSON Web Tokens with our online debugger.", "image": "https://jwt.io/img/pic_logo.svg", "publisher": { "@type": "Organization", "name": "Auth0", "legalName": "Auth0 Inc.", "url": "https://auth0.com/", "logo": "https://cdn.auth0.com/website/assets/pages/press/img/resources/auth0-logo-main-6001cece68.svg", "foundingDate": "2013", "sameAs": [ "https://twitter.com/auth0", "https://www.facebook.com/getauth0/", "https://www.linkedin.com/company/auth0" ] } }, { "@context": "https://schema.org/", "@type": "BreadcrumbList", "itemListElement": [{ "@type": "ListItem", "position": 1, "name": "jwt.io", "item": "https://jwt.io", "description": "JWT.IO allows you to decode, verify and generate JWT." }, { "@type": "ListItem", "position": 2, "name": "Debugger", "item": "https://jwt.io/#debugger-io", "description": "Decode, verify and generate JSON Web Tokens with our online debugger." }] }, { "@context": "https://schema.org/", "@type": "BreadcrumbList", "itemListElement": [{ "@type": "ListItem", "position": 1, "name": "jwt.io", "item": "https://jwt.io", "description": "JWT.IO allows you to decode, verify and generate JWT." },{ "@type": "ListItem", "position": 2, "name": "Libraries", "item": "https://jwt.io/#libraries-io", "description": "An overview of Libraries for Token Signing/Verification in a variety of different programming languages." }] }, { "@context": "https://schema.org/", "@type": "BreadcrumbList", "itemListElement": [{ "@type": "ListItem", "position": 1, "name": "jwt.io", "item": "https://jwt.io", "description": "JWT.IO allows you to decode, verify and generate JWT." },{ "@type": "ListItem", "position": 2, "name": "Introduction", "item": "https://jwt.io/introduction/", "description": "An introduction to JSON Web Tokens." }] }]</script><meta name="google-site-verification" content="cFjJt_KK4v_TKnCZ3hcuLlEUBBk4RLT0iByrpjCsvLA"><!-- For Chrome extension inline install--><meta name="google-site-verification" content="eksHKAourReHdYNGn8amokJTErSTq0VzdQWuyU_hE2s"><meta name="twitter:card" content="summary_large_image"><meta name="twitter:creator" content="@auth0"><meta name="twitter:title" content="JWT.IO"><meta name="twitter:description" content="JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties."><meta name="twitter:image" content="http://jwt.io/img/twitter-card.png"><meta property="og:type" content="website"><meta property="og:title" content="JWT.IO"><meta property="og:description" content="JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties."><meta property="og:locale" content="en_US"><meta property="og:url" content="http://jwt.io/"><meta property="og:image" content="http://jwt.io/img/facebook-card.png"><meta property="og:image:type" content="image/png"><meta property="og:image:width" content="1200"><meta property="og:image:height" content="630"><link rel="stylesheet" type="text/css" href="/css/google-roboto-mono.css"><link rel="stylesheet" href="/css/bootstrap.min.css"><link rel="stylesheet" href="/css/codemirror.css" type="text/css" media="all"><link rel="stylesheet" href="/css/lint.css" type="text/css" media="all"><link rel="stylesheet" href="/css/budicon.css" type="text/css" media="all"><link rel="stylesheet" href="/css/index.css" type="text/css" media="all"><link rel="search" type="application/opensearchdescription+xml" title="JWT.io" href="/opensearch.xml"><link rel="apple-touch-icon" sizes="57x57" href="/img/favicon/apple-icon-57x57.png"><link rel="apple-touch-icon" sizes="60x60" href="/img/favicon/apple-icon-60x60.png"><link rel="apple-touch-icon" sizes="72x72" href="/img/favicon/apple-icon-72x72.png"><link rel="apple-touch-icon" sizes="76x76" href="/img/favicon/apple-icon-76x76.png"><link rel="apple-touch-icon" sizes="114x114" href="/img/favicon/apple-icon-114x114.png"><link rel="apple-touch-icon" sizes="120x120" href="/img/favicon/apple-icon-120x120.png"><link rel="apple-touch-icon" sizes="144x144" href="/img/favicon/apple-icon-144x144.png"><link rel="apple-touch-icon" sizes="152x152" href="/img/favicon/apple-icon-152x152.png"><link rel="apple-touch-icon" sizes="180x180" href="/img/favicon/apple-icon-180x180.png"><link rel="icon" type="image/png" sizes="192x192" href="/img/favicon/android-icon-192x192.png"><link rel="icon" type="image/png" sizes="32x32" href="/img/favicon/favicon-32x32.png"><link rel="icon" type="image/png" sizes="96x96" href="/img/favicon/favicon-96x96.png"><link rel="icon" type="image/png" sizes="16x16" href="/img/favicon/favicon-16x16.png"><link rel="manifest" href="/img/favicon/manifest.json"><meta name="msapplication-TileColor" content="#000000"><meta name="msapplication-TileImage" content="/img/favicon/ms-icon-144x144.png"><meta name="theme-color" content="#000000"><!-- Chrome extension link, required for inline installs--><link rel="chrome-webstore-item" href="https://chrome.google.com/webstore/detail/ppmmlchacdbknfphdeafcbmklcghghmd"></head><body><!-- Google Tag Manager (noscript)--><noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-W7FRLJ" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript><div class="top-banner-bg closed"></div><div class="top-banner closed"><div class="top-banner-container"><a href="https://a0.to/jwt-io-feedback" target="_blank">Learn about the upcoming changes to jwt.io and share your feedback<span aria-hiden="true">→</span></a><button class="close-top-banner">+</button></div></div><nav class="navbar"><div class="container"><div class="top-mobile"><div class="menu-trigger"><span></span></div><a class="brand" href="/"><img class="icon" src="/img/pic_logo.svg" alt="JWT logo"><img class="logo" src="/img/logo.svg" alt="JWT logo"></a></div><nav class="menu"><a class="scrollto" href="/#debugger-io">Debugger</a><a href="/libraries">Libraries</a><a href="/introduction">Introduction</a><a href="https://community.auth0.com/c/jwt/8" target="_blank">Ask</a></nav><div class="social"><a class="a0" href="https://developer.auth0.com" target="_blank"><span class="by-text">Crafted by</span><img src="/img/auth0_logo_header.svg" alt="Crafted by Auth0 - JWT.io Token Based Authentication"><span class="crafted-by__question-mark">?</span></a></div><a class="supported" href="https://auth0.com" target="_blank">Crafted by<img class="logo-mobile" src="/img/auth0_logo_ft.svg" alt="Crafted by Auth0 - JWT.io Token Based Authentication"></a></div></nav><div class="content"><section class="banner-jwt"><div class="container"><a class="logo" href="/"><img src="/img/pic_logo.svg" alt="JWT logo mark - Token Based Authentication"></a><p>JSON Web Tokens are an open, industry standard <a href="https://tools.ietf.org/html/rfc7519" target="_blank">RFC 7519</a> method for representing claims securely between two parties.</p><p>JWT.IO allows you to decode, verify and generate JWT.</p><a class="btn btn-lg" href="/introduction">Learn more about jwt</a><a class="btn btn-lg btn-ghost" href="/libraries">See jwt libraries</a></div></section><section class="debugger-jwt" id="debugger-io"><div class="container"><h1>Debugger</h1><div class="jwt-playground"><div class="warning"><strong>Warning:</strong> JWTs are credentials, which can grant access to resources. Be careful where you paste them! We do not record tokens, all validation and debugging is done on the client side.</div><div class="selections"><div class="algorithm"><label for="algorithm-select">Algorithm</label><div class="jwt-select"><select id="algorithm-select"><option name="algorithm" value="HS256" selected="">HS256</option><option name="algorithm" value="HS384">HS384</option><option name="algorithm" value="HS512">HS512</option><option name="algorithm" value="RS256">RS256</option><option name="algorithm" value="RS384">RS384</option><option name="algorithm" value="RS512">RS512</option><option name="algorithm" value="ES256">ES256</option><option name="algorithm" value="ES384">ES384</option><option name="algorithm" value="ES512">ES512</option><option name="algorithm" value="PS256">PS256</option><option name="algorithm" value="PS384">PS384</option><option name="algorithm" value="PS512">PS512</option></select></div></div></div><div class="algorithm-code"><div class="tab-nav"><div class="tab-link current"><a href="#encoded-jwt">Encoded<small>paste a token here</small></a></div><div class="tab-link"><a href="#decoded-jwt">Decoded<small>edit the payload and secret</small></a></div></div><div class="tab-content"><div class="box-content current" id="encoded-jwt" heap-ignore="true"><div class="input js-input"><div class="editor-warning warning js-editor-warnings hidden"></div></div></div><div class="box-content" id="decoded-jwt" heap-ignore="true"><div class="output"><div class="jwt-explained jwt-header"><p class="text-line">HEADER:<span>ALGORITHM & TOKEN TYPE</span></p><div class="js-header"></div></div><div class="jwt-explained jwt-payload"><p class="text-line">PAYLOAD:<span>DATA</span></p><div class="js-payload"></div></div><div class="jwt-explained jwt-signature"><p class="text-line">VERIFY SIGNATURE</p><pre class="pre-encode HS256"><span id="hmacsha-text">HMACSHA256</span>( base64UrlEncode(header) + "." + base64UrlEncode(payload), <input type="text" name="secret" value="your-256-bit-secret" title="Weak secret!"> )<span class="is-base64-encoded-label"> <input id="is-base64-encoded" type="checkbox" name="is-base64-encoded"><label for="is-base64-encoded">secret base64 encoded</label></span></pre><pre class="pre-encode RS256"><span id="rsasha-text">RSASHA256</span>( base64UrlEncode(header) + "." + base64UrlEncode(payload), <textarea rows="4" name="public-key" placeholder="Public Key in SPKI, PKCS #1, X.509 Certificate, or JWK string format."></textarea>, <textarea rows="5" name="private-key" placeholder="Private Key in PKCS #8, PKCS #1, or JWK string format. The key never leaves your browser."></textarea> )</pre></div></div></div></div></div><div class="debugger-footer container"><div class="row"><div class="col-xs-6 website-validation"><div class="validation-status js-signature"></div></div><div class="col-xs-6 website-share"><button class="btn"><span>SHARE JWT</span></button></div></div></div></div></div></section><section class="container"><div class="jtw-ebook-banner jwt-ebook-banner-image"><p><strong>Get the JWT Handbook for free!</strong> Download it now and get up-to-speed faster.</p><a class="btn btn-download-ebook" href="https://auth0.com/resources/ebooks/jwt-handbook" target="_blank">Download Ebook</a></div></section><section class="sources"><div class="container"><div class="columns"><div class="column libraries"> <div class="libraries-container"><h2>Looking for a JWT library?</h2><p>Head on over to our libraries page to find a JWT library in your favorite language.</p><a class="btn btn-lg" href="/libraries">See all libraries</a></div></div><div class="column badges"><h2>Badges</h2><div class="hold"><a href="http://jwt.io/img/badge.svg" target="_blank" title="Download View on JWT.io badge logo"><img src="img/badge.svg" alt="View on JWT.io badge logo"></a></div><div class="text-hold"><a href="http://jwt.io/img/badge.svg" target="_blank" title="Download View on JWT.io badge logo"><i class="icon-budicon-722"></i></a><p>http://jwt.io/img/badge.svg</p></div><div class="hold"><a href="http://jwt.io/img/badge-compatible.svg" target="_blank" title="Download JWT compatible badge logo"><img src="img/badge-compatible.svg" alt="JWT compatible badge logo"></a></div><div class="text-hold"><a href="http://jwt.io/img/badge-compatible.svg" target="_blank" title="Download JWT compatible badge logo"><i class="icon-budicon-722"></i></a><p>http://jwt.io/img/badge-compatible.svg</p></div></div><div class="column logotype"><h2>Logotype</h2><div class="hold"><a href="http://jwt.io/img/icon.svg" target="_blank" title="Download JWT logo mark icon"><img src="img/icon.svg" alt="JWT logo mark icon"></a></div><div class="text-hold"><a href="http://jwt.io/img/icon.svg" target="_blank" title="Download JWT logo mark icon"><i class="icon-budicon-722"></i></a><p>http://jwt.io/img/icon.svg</p></div><div class="hold"><a href="http://jwt.io/img/logo-asset.svg" target="_blank" title="Download JWT logo"><img src="img/logo-asset.svg" alt="JWT logo"></a></div><div class="text-hold"><a href="http://jwt.io/img/logo-asset.svg" target="_blank" title="Download JWT logo"><i class="icon-budicon-722"></i></a><p>http://jwt.io/img/logo-asset.svg</p></div></div></div></div></section><div class="tokens-created"><div class="container"><img class="logo" src="/img/auth0_logo_ft.svg" alt="Auth0 logo"><p>JWT.io is brought to you by <a href="https://auth0.com/signup/?utm_source=jwt.io&utm_medium=microsites&utm_campaign=devn_signup" target="_blank" rel="noreferrer noopener">Auth0</a></p><p>Securely implement authentication with JWTs using Auth0 on any stack and any device in less than 10 minutes.</p><a class="btn btn-success" href="https://auth0.com/signup/?utm_source=jwt.io&utm_medium=microsites&utm_campaign=devn_signup" target="_blank" rel="noreferrer noopener">Create free account</a><div class="token"><h5>TOKENS CREATED</h5></div><div class="counter"></div></div></div><script src="/js/index.js"></script></div><footer><div class="container"><div class="columns"><div class="column"><div class="privacy-links"><a href="https://auth0.com/privacy/" target="_blank">Privacy</a><span>•</span><a href="https://auth0.com/web-terms" target="_blank">Terms of Service</a><span>•</span><button class="as-anchor" id="open-ccpa">Your Privacy Choices </button><img class="ccpa-toggle" src="https://cdn.auth0.com/website/footer/ccpa.svg" alt="Privacy choices"></div><a href="https://developer.auth0.com" target="_blank">Crafted by<img class="logo" src="/img/auth0_logo_ft.svg" alt="Crafted by Auth0 - JWT.io Token Based Authentication"></a><div id="ccpa-modal"><button id="close-ccpa">x</button><h3>Your Privacy Choices</h3><p>Depending on your state of residence, including if you are a California resident, you have the right to opt out of certain sharing of personal information with third-party ad partners. We may share personal information with third-party ad partners, such as through cookies or by providing lists of email addresses for potential customers, so that we can reach them across the web with relevant ads.</p><p>If you wish to opt out of this sharing of your personal data in connection with cookies, please update your <button class="settings" onClick="window.OneTrust.ToggleInfoDisplay()">cookie settings.</button></p><p>If you wish to opt out of email-based sharing, provide your email address at <a class="settings" href="https://www.okta.com/your-privacy-choices/" target="_blank">this link.</a></p></div></div><div class="column pull-request"><span>Missing something?</span><a href="https://github.com/jsonwebtoken/jsonwebtoken.github.io/tree/master/views" target="_blank">Send a Pull Request</a><a style="text-decoration: none">-</a><a href="https://github.com/jsonwebtoken/jsonwebtoken.github.io/blob/master/LICENSE.txt" target="_blank">License</a></div><div class="column social-counter"><a class="twitter-follow-button" href="https://twitter.com/auth0" data-show-count="true">Follow @auth0</a></div></div></div></footer><script src="https://cdn.cookielaw.org/scripttemplates/otSDKStub.js" type="text/javascript" charset="UTF-8" data-domain-script="242ab321-e557-457a-b6fb-d3a773f05e7b" id="consent-script"> </script><script src="/js/cookie-consent.js"></script></body></html>