Is kit95 free to use?

Yes, kit95 is 100% free to use. All PDF tools, image editing features, and web utilities are available without any cost, signup, or subscription required.

Is my data secure when using kit95?

Yes, absolutely. All file processing happens directly in your browser. Your files never leave your device and are not uploaded to any server. This ensures complete privacy and security.

What file formats does kit95 support?

kit95 supports PDF files for PDF tools, and common image formats (PNG, JPG, JPEG, WebP, GIF, BMP) for image tools. We also provide various web utilities for text processing, data conversion, and developer tools.

How many languages does kit95 support?

kit95 supports 4 languages: English, Korean, Japanese, and Chinese (Simplified).

Do I need to install any software to use kit95?

No installation required. kit95 works entirely in your web browser. Just visit the website and start using the tools immediately on any device with a modern browser.

What AI features does kit95 offer?

kit95 offers several AI-powered features including: AI image upscaling (2x, 3x, 4x), background removal, face blurring, and OCR text extraction from images in multiple languages.

JWTGuide.exe

How to Decode JWT Tokens

Tool location: /dev/jwt-decode

Decode and inspect JSON Web Tokens (JWT) to view their header and payload contents. JWTs are used for authentication and authorization in modern web applications. This tool decodes tokens without verifying their signature.

Step-by-Step Instructions

Step 1: Paste JWT Token

Copy your JWT token and paste it into the input field. JWTs have three parts separated by dots: header.payload.signature

Step 2: View Header

The decoded header shows the token type and signing algorithm (e.g., HS256, RS256). This tells you how the token was created.

Step 3: Inspect Payload

The payload contains the claims - the actual data in the token. Common claims include:

sub: Subject (usually user ID)
iat: Issued at timestamp
exp: Expiration timestamp
iss: Issuer
aud: Audience

Step 4: Check Expiration

The tool automatically checks if the token has expired by comparing the exp claim with the current time.

Key Features

Full Decoding

View complete header and payload contents.

Expiration Check

Automatic check if token is expired.

Time Conversion

Timestamps converted to readable dates.

JSON Formatting

Pretty-printed JSON for easy reading.

Claim Highlighting

Important claims highlighted for quick inspection.

Pro Tips

Check the exp claim to see when the token expires.
The signature is not verified - use this tool only for inspection.
Look at iss (issuer) to verify the token source.
Custom claims may contain application-specific data.

Important Notes

This tool does NOT verify signatures - do not trust decoded data for security decisions.

JWTs are only Base64 encoded, not encrypted - anyone can read the payload.

Never put sensitive data like passwords in JWT payloads.

An invalid or malformed JWT will show an error.

Frequently Asked Questions

Q: What is a JWT?

A: A JSON Web Token (JWT) is a compact, URL-safe token format used to securely transmit information between parties. It consists of three parts: header (algorithm info), payload (claims/data), and signature (verification).

Q: Why does this tool not verify signatures?

A: Signature verification requires the secret key or public key used to sign the token. This client-side tool is for inspection only. Your server should verify signatures before trusting token contents.

Q: What does "Token Expired" mean?

A: The token exp (expiration) claim timestamp is in the past. The token should no longer be accepted. Generate a new token through your authentication flow.

Q: Can I modify a JWT?

A: You can modify the payload, but the signature will become invalid. JWTs are tamper-evident - any modification breaks the signature verification on the server.

Try How to Decode JWT Tokens Now >