DevToolBoxGRATIS
Blogg

JWT Parser

Parse JWT tokens and extract all claims with human-readable labels. Auto-convert timestamps to dates and check expiration status.

JWT Claims Reference

Registered Claims (RFC 7519)

ClaimNameTypeDescription
issIssuerStringEntity that issued the JWT
subSubjectStringSubject of the JWT (usually user ID)
audAudienceString/ArrayIntended recipient(s) of the JWT
expExpirationNumberUnix timestamp when token expires
nbfNot BeforeNumberUnix timestamp before which token is invalid
iatIssued AtNumberUnix timestamp when token was created
jtiJWT IDStringUnique identifier for the token

Public Claims (OpenID Connect)

ClaimNameStandard
nameFull NameOpenID Connect Core
emailEmailOpenID Connect Core
email_verifiedEmail VerifiedOpenID Connect Core
azpAuthorized PartyOpenID Connect Core
nonceNonceOpenID Connect Core
at_hashAccess Token HashOpenID Connect Core
auth_timeAuth TimeOpenID Connect Core
acrAuthentication ContextOpenID Connect Core
amrAuthentication MethodsOpenID Connect Core

Private Claims

Custom claims defined by the application. These are not registered or standardized and are used to share information between parties that agree on using them. Examples: role, permissions, tenant_id, etc.

Frequently Asked Questions

What are JWT claims?
JWT claims are pieces of information asserted about a subject. They are the key-value pairs in the JWT payload. Claims can be registered (standardized names like iss, sub, exp), public (registered in the IANA JSON Web Token Claims registry), or private (custom claims agreed upon by the parties using the token).
What is the difference between registered and custom claims?
Registered claims are predefined by the JWT specification (RFC 7519) and have standardized meanings, such as iss (issuer), sub (subject), exp (expiration). Custom (private) claims are application-specific and can be any key-value pair agreed upon by the token producer and consumer, like user_role, tenant_id, or department.
How do I read the expiration time in a JWT?
The exp claim contains a Unix timestamp (seconds since January 1, 1970 UTC) representing when the token expires. To check if a token is expired, compare the exp value with the current Unix timestamp. If the current time is greater than exp, the token has expired. This parser automatically converts exp to a human-readable date and shows the expiration status.

Related JWT Tools

𝕏 Twitterin LinkedIn

Vurder dette verktøyet

4.0 / 5 · 214 vurderinger

More Tools

JWTJWT DecoderJDJWT Token DecoderJVJWT Validator{ }JSON Formatter

Recommended

CloudflareFree CDN & DDoS protection

Hold deg oppdatert

Få ukentlige dev-tips og nye verktøy.

Ingen spam. Avslutt når som helst.

Enjoy these free tools?

Buy Me a Coffee