Gain control over your JWTs

JWT Inspector is a browser extension that lets you decode and inspect JSON Web Tokens in requests, cookies, and local storage. Also debug any JWT directly from the console or in the built-in UI.

Add to Chrome Add to Firefox Add to Safari View on GitHub

Soon also available for Firefox and Safari.

Currently only available for Chrome. Click the Add to Firefox button above to get notified when it comes to Firefox.

Currently only available for Chrome. Click the Add to Safari button above to get notified when it comes to Safari.

  • Elements
  • Console
  • Sources
  • Network
  • Timeline
  • Profiles
  • Resources
  • Security
  • Audits
  • JWT
  • Debug
  • Cookies
  • Storage 3
  • Requests
  • Current page
  • Filter
Key
auth.token
jwt
token
token
JWT
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJmZjg5NjU1Ny0yMzgyLTRkNmUtYWJkOC1hMDFhOTFhYmQ5NGYiLCJlbWFpbCI6ImpvaG5AZXhhbXBsZS5jb20iLCJpc19hZG1pbiI6dHJ1ZX0._lYAdmfszpyfbqWUeCC4LkfWbltC3uF29FiSPaHTJ70
Header 
                    {
                      typ: "JWT",
                      alg: "HS256"
                    }
Payload

Inspect JWTs everywhere

Find and inspect JWTs in cookies, local storage, and requests.

  • Elements
  • Console
  • Sources
  • Network
  • Timeline
  • Profiles
  • Resources
  • Security
  • Audits
  • JWT
  • Debug
  • Cookies
  • Storage
  • Requests 1
  • Current page
  • Preserve log
  • Filter
Method Url Status
GET http://localhost/?jwt=eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJmZjg5NjU1Ny0yMzgyLTRkNmUtYWJkOC1hMDFhOTFhYmQ5NGYiLCJlbWFpbCI6ImpvaG5AZXhhbXBsZS5jb20iLCJpc19hZG1pbiI6dHJ1ZX0._lYAdmfszpyfbqWUeCC4LkfWbltC3uF29FiSPaHTJ70 200

Easily debug JWTs

Paste a JWT and decode its header, payload, and signature.

  • Elements
  • Console
  • Sources
  • Network
  • Timeline
  • Profiles
  • Resources
  • Security
  • Audits
  • JWT
  • Debug
  • Cookies
  • Storage
  • Requests
Encoded
eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJmZjg5NjU1Ny0yMzgyLTRkNmUtYWJkOC1hMDFhOTFhYmQ5NGYiLCJlbWFpbCI6ImpvaG5AZXhhbXBsZS5jb20iLCJpc19hZG1pbiI6dHJ1ZX0._lYAdmfszpyfbqWUeCC4LkfWbltC3uF29FiSPaHTJ70
Decoded
Header 
                      {
                        typ: "JWT",
                        alg: "HS256"
                      }
Payload 
                      {
                        sub: "ff896557-2382-4d6e-abd8-a01a91abd94f",
                        email: "[email protected]",
                        is_admin: true
                      }
Signature

Debug JWTs with the console

Use console.jwt() to decode and dump a JWT to the console.

  • Elements
  • Console
  • Sources
  • Network
  • Timeline
  • Profiles
  • Resources
  • Security
  • Audits
  • JWT
console.jwt('eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJmZjg5NjU1Ny0yMzgyLTRkNmUtYWJkOC1hMDFhOTFhYmQ5NGYiLCJlbWFpbCI6ImpvaG5AZXhhbXBsZS5jb20iLCJpc19hZG1pbiI6dHJ1ZX0._lYAdmfszpyfbqWUeCC4LkfWbltC3uF29FiSPaHTJ70'); 
                  JWT {
                    header: Object
                    payload: Object
                    signature: "_lYAdmfszpyfbqWUeCC4LkfWbltC3uF29FiSPaHTJ70"
                  }