Tool Help

What this JWT tool does
This tool decodes JSON Web Tokens (JWTs) into their header, payload, and signature components. It does not verify signatures or validate claims; it is intended for quick inspection and troubleshooting.
Typical use cases
- Inspecting OAuth2 / OpenID Connect access and ID tokens.
- Debugging scopes, audiences, and expiry times.
- Understanding which identity provider issued a token.
Healthcare context
- Decoding SMART on FHIR access tokens during app registration and troubleshooting.
- Confirming patient context and launch parameters in FHIR-based workflows.
- Inspecting JWTs used by API gateways that sit in front of EMRs or integration engines.
All decoding happens in your browser. Do not paste production tokens or live PHI into public tools. Use non-production or synthetic data whenever possible.

