Skip to content
DevKnife Logo DevKnife Logo DevKnife Docs

JWT Decoder

The JWT Decoder in DevKnife makes it easy to work with JSON Web Tokens right on your Mac. You can quickly decode a token to see its header, payload, and signature, or switch to encode mode to generate a new token from your own data. Everything runs fully offline, so your tokens never leave your computer.

DevKnife JWT Decoder

Key Features

Section titled “Key Features”
  • Dual Mode Operation - Switch between Decode and Encode modes using the toolbar
  • Algorithm Support - Full support for HS256, HS384, HS512, and none algorithms
  • Interactive Timestamps - Click on exp, iat, and nbf timestamp fields to open them in the Time Inspector
  • Live Validation - Real-time error checking for header, payload, and secret
  • Syntax Highlighting - Color-coded JSON for better readability
  • Offline Processing - All operations happen locally on your Mac

Decode Mode

Section titled “Decode Mode”

Paste a JWT token to instantly see its decoded contents:

  1. Header - View the token’s algorithm and type
  2. Payload - See all claims and data contained in the token
  3. Signature Verification - Validate the token’s signature with the secret key

Interactive Timestamp Fields

Section titled “Interactive Timestamp Fields”

When decoding tokens, timestamp fields (exp, iat, nbf) appear as clickable links with a dashed underline. Click any timestamp to instantly open the Time Inspector with that Unix timestamp pre-loaded, making it easy to:

  • Check when a token expires (exp)
  • See when a token was issued (iat)
  • Verify when a token becomes valid (nbf)

Encode Mode

Section titled “Encode Mode”

Create new JWT tokens by providing:

  1. Header - Define the algorithm (HS256, HS384, HS512) and type
  2. Payload - Add your claims and data as JSON
  3. Secret - Provide a secret key for signing

The tool validates your inputs in real-time:

  • Header validation - Ensures valid JSON with required alg field
  • Payload validation - Checks for valid JSON structure
  • Secret strength - Warns if the secret is too short for the selected algorithm
    • HS256: Requires 256 bits (32+ characters)
    • HS384: Requires 384 bits (48+ characters)
    • HS512: Requires 512 bits (64+ characters)

Supported Algorithms

Section titled “Supported Algorithms”
  • HS256 - HMAC with SHA-256
  • HS384 - HMAC with SHA-384
  • HS512 - HMAC with SHA-512
  • none - Unsecured JWTs (no signature)

Privacy

Section titled “Privacy”

The JWT Decoder runs entirely on your Mac. No tokens, secrets, or data are ever transmitted to external servers or collected. Your sensitive authentication data remains completely private.

Tips

Section titled “Tips”
  • Use the demo data that loads on first use to learn the tool
  • Click timestamp fields in decoded tokens to inspect them in detail
  • Ensure your secret meets the minimum length requirement for the algorithm