LibraTool logoLibraTool
🔑
🔌

Inspect API Tokens While Testing Endpoints

Decode JWTs returned by your API to verify the right claims, scopes, and permissions are being issued.

Ei kirjautumista tarvita

🔒 The token is decoded entirely in your browser. Nothing is sent to any server.

API Testing tips

🔌

After hitting your /auth/login endpoint in Postman or curl, paste the returned token here to verify the user role, scopes, and expiration look correct.

💡

For OAuth integrations: paste the access token to see the granted `scope` claim. Mismatches between requested and granted scopes cause silent permission failures.

📋

Use the "Copy JSON" button to copy the payload and paste it into your API documentation as an example of what the token contains.

🔍

The standard claims explained section helps API consumers understand what fields like `iss`, `sub`, `aud` actually mean in the OAuth/OIDC specs.

Miten se toimii

1
Syötä
Enter your data into the tool above. Everything stays local to your browser.
2
Käsittele
The tool processes your data instantly in your browser using JavaScript. No server, no waiting.
3
Lataa
Get your result instantly. Nothing is stored after you leave the page — complete privacy.

Miksi käyttää meidän?

Täysin ilmainen — ei piilokustannuksia, koskaan
Ei tiliä, sähköpostia tai kirjautumista tarvita
Tiedostot eivät koskaan poistu laitteeltasi
Ei tiedostokokorajoituksia lainkaan
Ei vesileimoja missään tulosteessa

Also check out…

🔐

Debug Authentication Issues with JWT Decoder

Inspect JWTs from your app to debug login failures

🛡️

Security Audit JWT Tokens

Review JWTs as part of a security audit — check fo

🤝

Inspect OAuth and OpenID Connect Tokens

Decode access tokens, ID tokens, and refresh token

📚

Learn How JWT Tokens Work

Decode example JWTs to understand the structure: h

Usein kysytyt kysymykset

Back to JWT Decoder