Paste a JSON Web Token to decode and inspect its header, payload, claims, and expiry status. Everything runs client-side.