AppSec Tool

JWT Decoder & Security Analyzer

Paste any JSON Web Token. Decodes header and payload, and flags security issues — alg:none, weak algorithms, expired tokens, sensitive field names in claims, and missing standard claims.