JWT Signature Verifier
Verify HS256/HS384/HS512 JWT signatures with your secret and inspect the claims.
Runs locally in your browser. Your input is not uploaded.
How to Use
- 1
Paste the JWT
The header, payload, and time claims decode immediately.
- 2
Enter the secret
The HMAC signature is recomputed and compared.
- 3
Read the verdict
VALID means the secret matches; INVALID means wrong secret or tampering.
Frequently Asked Questions
- Paste the token and enter the shared secret — the tool recomputes the HMAC (HS256, HS384, or HS512 per the header) and tells you whether the signature matches, plus decodes the header and payload.
Related Tools
Password Strength CheckerCheck password strength and crack time estimateAES EncryptionEncrypt and decrypt text with AES-256 in your browserTOTP / 2FA GeneratorGenerate TOTP codes from a secret key (Google Authenticator compatible)SHA-256 GeneratorGenerate SHA-256 hashes from any textMD5 GeneratorGenerate MD5 hashes for checksums and fingerprintingSalt GeneratorGenerate cryptographic salt values for password hashingJWT BuilderBuild and sign JWT tokens with a custom payload and secretXOR CipherEncrypt or decrypt text with a XOR key