🎫 JWT Dekoder

Dekodirajte JSON spletne žetone (JWT) in preglejte celotno glavo (Header), podatke (Payload) ter podpis (Signature).

Za kaj dejansko uporabljamo JSON Web Token?

JWT je standard prenašanja varnih trditev med spletnim odjemalcem (bodisi brskalnikom) in strežnikom, največkrat za sisteme identifikacije (prijava) in avtorizacije brez zapisov v bazah stanja.

Razumevanje zgradbe tokenov

  • Glava (Header): Poda algoritem. Contains the signing algorithm (e.g., HS256, RS256) and token type.
  • Podatki (Payload): Seznam trditev. Contains claims — statements about the user and additional metadata.
  • Podpis: Dokaz nezlorabe. Verifies the token hasn't been tampered with. Created using the header, payload, and a secret key.

Tehnična podpora in navodila za JWT

Aplikacija pošilja moje žetone v analizo do vašega oddaljenega strežnika?

Ne. Proces dekodiranja JWT žetona preko DNS Visor platforme izhaja isključno iz odjemskega vmesnika, brez omrežnih prošenj. Podatki ne zapustijo vašega zaslona.

Katere številke tvori polje 'exp' v Payload-u JWT žetona?

Vrednost exp nastavi potek trajanja žetona in ustreza številu sekund v standardu UNIX Timestamp. Žeton po tem preneha veljati in prepreči varnostne zlorabe iz preteklosti.

Decodes JSON Web Tokens showing header, payload, and signature without requiring the secret key, for debugging auth flows.

Key Facts

  • Standardized in RFC 7519 (2015)
  • 80%+ of modern APIs use JWT
  • Three parts separated by dots (.)
  • Common algorithms: HS256, RS256

Frequently Asked Questions

What is a JWT?

Compact, URL-safe token with header (algorithm), payload (claims), and signature for API authentication.

Is decoding JWT safe?

Yes — payload is base64-encoded, not encrypted. Security is in signature verification, not content hiding.

What are JWT claims?

Statements about user: iss (issuer), sub (subject), exp (expiration), iat (issued at), aud (audience).

How long should JWT last?

Access tokens: 15-30 min. Refresh tokens: 7-30 days. Short-lived limits damage if compromised.