How to use JWT Signature Verifier

1. Paste your shared secret key on the first line.
2. On the following line, paste the full JWT (header.payload.signature).
3. Click Validate to check whether the signature matches for HS256, HS384, or HS512.

Example

my-secret-key
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VySWQiOjF9.DUMMY_SIGNATURE

{
  "valid": false,
  "algorithm": "HS256",
  "reason": "Signature does not match for the provided secret."
}

Frequently asked questions

Which JWT algorithms are supported?

This verifier supports HS256, HS384, and HS512 using a shared secret. It does not verify RS256 or other asymmetric algorithms.

Does this tool store my JWT or secret?

Verification is performed in your browser using the Web Crypto API. Secrets and tokens are not stored on the server.

Related tools

• JWT DecoderDecode header, payload, display claims, validate expiration
• JWT GeneratorCreate JWT with HS256 and custom payload
• Hash GeneratorMD5, SHA-1, SHA-256, SHA-512 hashes
• Password GeneratorCustom length, numbers, symbols
• Password Strength CheckerEvaluate strength and security suggestions
• HMAC GeneratorGenerate HMAC (SHA-1/256/384/512) from key and message