JWT

JWTs are widely used for API authentication and session management, yet there are surprisingly few easy ways to inspect a payload or check its signing algorithm. These tools let you decode a JWT to see its contents, generate and sign one with a shared secret, and verify signatures using public-key algorithms like RS256/ES256. Everything runs entirely in your browser, so your tokens are never sent anywhere.