JWT Verifier
Verify a JWT signature with a secret or public key.
A valid signature only proves the token wasn't tampered with — always check exp, iss, and aud too.
🔒 Your token and secret never leave your browser — everything runs locally via the Web Crypto API.
🔒 Private by design: tokens, secrets, and keys are processed entirely in your browser with the Web Crypto API — nothing is sent to a server, stored, or logged. Even so, avoid pasting production secrets into any online tool.