A JWT contains a header, payload, and signature. The header and payload are Base64URL-encoded, not encrypted.
Never paste production access tokens into tools you do not trust. Prefer local decoding when inspecting claims, expiry, subject IDs, or scopes.
WiseTool’s JWT Decoder runs in your browser and does not upload the token.