JWT Decode
Standard · 1 creditDecode a JWT token without verification to inspect its header, payload, and time claims.
POST /api/jwt
Section titled “POST /api/jwt”Parameters
Section titled “Parameters”| Field | Type | Required | Description |
|---|---|---|---|
token | string | Yes | JWT token to decode |
No signature verification is performed. This is a decode-only tool for inspecting token contents.
Response
Section titled “Response”| Field | Type | Description |
|---|---|---|
header | object | JWT header (e.g. alg, typ) |
payload | object | JWT payload claims |
is_expired | boolean | Whether the token has expired |
issued_at | string | iat claim as RFC 3339 timestamp |
expires_at | string | exp claim as RFC 3339 timestamp |
not_before | string | nbf claim as RFC 3339 timestamp |
Example
Section titled “Example”curl -X POST https://morso.dev/api/jwt \ -H "Authorization: Bearer YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyLCJleHAiOjE1MTYyNDI2MjJ9.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"}'{ "header": { "alg": "HS256", "typ": "JWT" }, "payload": { "sub": "1234567890", "name": "John Doe", "iat": 1516239022, "exp": 1516242622 }, "is_expired": true, "issued_at": "2018-01-18T01:30:22Z", "expires_at": "2018-01-18T02:30:22Z"}Errors
Section titled “Errors”- 400 — Invalid JWT format or malformed header/payload.
See Errors for the standard error shape.