Decode and print JWT token

Quickly have a look inside jwt token

Page content

Here are some effective methods for decoding and printing JWT tokens directly from the command line:

man with a big screen with uncomprehensible stuff

1. Using jq

The jq tool can be used to decode and pretty-print JWT tokens:

  • Command:

    echo "" | jq -R 'split(".") | .[0:2] | map(@base64d) | map(fromjson)'

    This splits the JWT into its components (header and payload), decodes them from Base64, and formats them as JSON.

  • Example:

    echo "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" \
  | jq -R 'split(".") | .[0:2] | map(@base64d) | map(fromjson)'

2. Bash Script

A custom Bash script can decode JWT tokens using base64 and jq:

  • Script:

    #!/usr/bin/env bash
function decode_jwt() {
    IFS='.' read -ra PARTS "

  • Save this script to a file (e.g., decode_jwt.sh), make it executable (chmod +x decode_jwt.sh), and run it with your token as an argument.

3. Zsh Function

Add the following function to your .zshrc file for quick access:

  • Function: 
    function jwt() {
    for part in 1 2; do
        b64="$(cut -f$part -d. "

This decodes the header and payload using OpenSSL and formats them with Python’s json.tool.

4. Using jwt-cli

Install the jwt-cli tool to decode JWTs easily:

  • Installation:

    brew tap sgaunet/homebrew-tools
brew install sgaunet/tools/jwt-cli

  • Command:

    jwt-cli decode

This tool also supports encoding and signing JWTs[2].

5. Minimal One-Liner with OpenSSL

For a quick solution without additional tools:

  • Command: 
    echo "" | awk -F'.' '{print $1, $2}' | tr ' ' '\n' | base64 -d | python -mjson.tool

This uses awk to split the token, base64 to decode, and Python to format the output.