encoding
JWT Decoder API Reference
Paste a JSON Web Token to instantly decode its header and payload. Optionally supply a secret or public key to verify the signature.
Endpoint
POST
/api/jwt-decoderFull URL: https://quickhelp.dev/api/jwt-decoder
Request
Content-Type: application/json. No authentication required for the anonymous free tier (30 req/min per IP).
| Field | Type | Required | Description |
|---|---|---|---|
| token | string | Yes | The JWT string (three base64url-encoded parts separated by dots) |
| secret | optional | No | Secret (HS*) or PEM public key (RS*/ES*) for signature verification |
| algorithm | default | No | Signing algorithm — required when verifying |
Response
Returns application/json. On error, returns a JSON object with an error string field and an appropriate HTTP status code.
| Field | Type | Description |
|---|---|---|
| header | record | — |
| payload | record | — |
| signature | string | — |
| valid_structure | boolean | — |
| verified | optional | — |
Example
Decode a basic JWT
curl
curl -X POST https://quickhelp.dev/api/jwt-decoder \
-H 'Content-Type: application/json' \
-d '{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"}'Request body
{
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c"
}Response
{
"header": {
"alg": "HS256",
"typ": "JWT"
},
"payload": {
"sub": "1234567890",
"name": "John Doe",
"iat": 1516239022
},
"signature": "SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c",
"valid_structure": true
}Error codes
| Status | Meaning |
|---|---|
| 200 | Success — result in response body |
| 400 | Bad request — invalid input; error field describes the problem |
| 404 | Tool not found |
| 429 | Rate limit exceeded (30 req/min anonymous, 300 req/min free key) |
| 500 | Internal server error — transient; retry with exponential back-off |
OpenAPI spec
The full OpenAPI 3.1 specification for all tools is available at /openapi.json. Import it into Postman, Insomnia, or any OpenAPI-compatible client to get all endpoints with schema validation automatically.