What is JWS compact serialization format?

JWS compact serialization is a URL-safe string format consisting of three Base64URL-encoded parts separated by dots: header.payload.signature. The header contains algorithm info, the payload contains claims, and the signature ensures integrity.

What information can be extracted from a JWS token?

From a JWS token you can extract: the header (algorithm, token type, key ID), the payload (all claims including iss, sub, aud, exp, nbf, iat, jti and custom claims), and the signature. Note that parsing does not verify the signature.

Is parsing the same as verifying a JWS?

No. Parsing only decodes and displays the token contents without verifying the signature. To verify a JWS signature, you need the corresponding key (public key for RSA/ECDSA or shared secret for HMAC). Use our JWS Verification tool for signature validation.

What JWT claims are displayed by the parser?

The parser displays all registered JWT claims when present: Issuer (iss), Subject (sub), Audience (aud), Expiration Time (exp), Not Before (nbf), Issued At (iat), and JWT ID (jti). Custom claims in the payload are also shown.

Can this tool parse JWE (encrypted) tokens?

Yes, the parser can identify JWE tokens and display their components including the encrypted key, initialization vector (IV), ciphertext, and authentication tag. However, it cannot decrypt the payload without the decryption key.

JWS Parser & Decoder

By Anish Nath - Security Engineer & Cryptography Expert | @anish2good | Last Updated: January 23, 2025

Privacy-First No Tokens Stored 100% Free

How to Use: Paste your JWS/JWT token in compact serialization format (header.payload.signature). The parser will automatically decode and display the header, payload, signature, and any JWT claims.
Note: Parsing only decodes the token - it does not verify the signature. Use the JWS Verification tool to validate signatures.

JWS Input

JWS Serialized Token Format: header.payload.signature (Base64URL encoded)

Parsed Output

Parsed JWS components will appear here

Paste a JWS token and click "Parse JWS"

Related JWS/JWT Tools

JWS Signature Verification

Support This Free Tool

Every coffee helps keep the servers running. Every book sale funds the next tool I'm dreaming up. You're not just supporting a site — you're helping me build what developers actually need.

500K+ users

200+ tools

100% private

☕ One-time support Buy me a coffee 📚 Learn & support 9-Book Bundle - $9 Stay updated Follow @anish2good

Privacy Guarantee: Private keys you enter or generate are never stored on our servers. All tools are served over HTTPS.

Understanding JWS Structure

A JSON Web Signature (JWS) in compact serialization format consists of three Base64URL-encoded parts separated by dots, as defined in RFC 7515.

JWS Compact Serialization Format


                BASE64URL(UTF8(JWS Protected Header)) || '.' ||

                BASE64URL(JWS Payload) || '.' ||

                BASE64URL(JWS Signature)

JWS Components

Component	Description	Example Content
Header	Contains algorithm (`alg`) and token type (`typ`). May include key ID (`kid`) for key selection.	`{"alg":"HS256","typ":"JWT"}`
Payload	Contains the claims (data). For JWT, includes registered claims like `iss`, `sub`, `exp`, etc.	`{"sub":"1234567890","name":"Anish Nath","iat":1516239022}`
Signature	Cryptographic signature over the header and payload, computed using the specified algorithm.	`9tFLrurxXWKBDh317ly24fP03We-uzSZtPf7Yqy_oSw`

JWT Registered Claims

When the JWS payload contains a JWT, these registered claims may be present:

Claim	Name	Description
`iss`	Issuer	Identifies the principal that issued the JWT
`sub`	Subject	Identifies the subject of the JWT
`aud`	Audience	Identifies the recipients the JWT is intended for
`exp`	Expiration Time	Time after which the JWT must not be accepted
`nbf`	Not Before	Time before which the JWT must not be accepted
`iat`	Issued At	Time at which the JWT was issued
`jti`	JWT ID	Unique identifier for the JWT

Security Note: Parsing a JWS only decodes its contents - it does NOT verify the signature. An attacker can modify the payload of an unsigned or improperly verified token. Always verify signatures before trusting token contents in production systems.

JWS Parser & Decoder

JWS Input

Parsed Output

Related JWS/JWT Tools

Support This Free Tool

Understanding JWS Structure

JWS Compact Serialization Format

JWS Components

JWT Registered Claims

Quick Access

PGP Tools

Sharing Services

Security Tools

Cryptography

Network Tools

Legal & Compliance

DevOps/Container

Blockchain

Encoders/Converters

Developer Tools

Machine Learning Visualizers

Media Tools

Documents & PDF

Finance

Health

Lifestyle & Productivity

Chemistry

Math & Education

Physics Tools

Internationalization