¿Odias los anuncios? Ir Sin publicidad Hoy 

JWT Expiry & Lifetime Checker

Desarrollador

ANUNCIO PUBLICITARIO · ¿ELIMINAR?

APORTE

PROD.

Lado cliente

Claim	Valor	Descripción
El resultado aparecerá aquí

ANUNCIO PUBLICITARIO · ¿ELIMINAR?

Guía

JWT Expiry & Lifetime Checker

Paste a JSON Web Token to instantly check its expiry status, see a live countdown to expiration, and visualize the token’s lifetime on an interactive timeline. Decode all standard claims (iss, sub, aud, exp, iat, nbf) plus custom claims — all without needing the signing secret. Everything runs in your browser.

Cómo utilizar

Paste your JWT in the input field and click Check. The tool decodes the header and payload, displays the token’s validity status (valid, expired, not yet valid, expiring soon), shows a live countdown updating every second, and renders a visual timeline from issued-at to expiration with the current time marked.

Características

Live Countdown – Real-time “Expires in 2h 34m 17s” counter updating every second
Visual Timeline – Progress bar showing issued-at → now → expiration with percentage elapsed
Validity Status – Color-coded indicator: 🟢 Valid, 🔴 Expired, 🟡 Not Yet Valid, 🟠 Expiring Soon, ⚪ No Expiry
Time Claims – Shows iat (issued at), exp (expiration), and nbf (not before) as human-readable dates
Token Lifetime – Total lifetime (exp − iat) displayed in human-readable format with percentage elapsed
All Claims Decoded – Full claims table including iss, sub, aud, jti, and any custom claims
Header Info – Shows signing algorithm (HS256, RS256, ES256, etc.) and token type
No Secret Needed – Inspection-only decoding; no signature verification required

ANUNCIO PUBLICITARIO · ¿ELIMINAR?

 Preguntas frecuentes

Is it safe to paste my JWT here?

Yes. This tool runs entirely in your browser — your token is never sent to any server. The decoding is done using JavaScript's built-in atob() function for base64 decoding. No network requests are made with your token data. However, remember that JWTs are credentials: avoid pasting production tokens in any online tool unless you trust it completely. This tool is ideal for inspecting development or staging tokens.
What do the JWT time claims (iat, exp, nbf) mean?

JWT tokens use three standard time claims, all stored as Unix timestamps (seconds since January 1, 1970). 'iat' (Issued At) records when the token was created. 'exp' (Expiration Time) specifies when the token should no longer be accepted. 'nbf' (Not Before) specifies the earliest time the token should be accepted. A token is valid only when the current time is after nbf and before exp. Not all tokens include all three claims — exp is the most common, while nbf is optional.
Can this tool verify JWT signatures?

No — this tool is designed for inspection and expiry checking only. JWT signature verification requires the signing secret (for HMAC algorithms like HS256) or the public key (for asymmetric algorithms like RS256 or ES256). Since this tool never asks for your secret and runs client-side only, it decodes and displays the token's content without verifying the signature. For full JWT validation including signature verification, use a server-side JWT library in your application.