JWT Token Expiry Calculator

Paste your JWT token into the input field and this tool decodes the payload claims to reveal the expiry time (exp), issued-at time (iat), not-before (nbf), and full decoded header and payload. You'll see whether the token is currently valid, expired, or not yet active, along with a human-readable breakdown of all timestamps.

Paste the full JWT string including all three dot-separated parts. No data is sent to any server.

Results

Token Status

--

Expiry Date & Time (exp)

--

Issued At (iat)

--

Not Before (nbf)

--

Time Until Expiry

--

Total Token Lifetime (seconds)

--

Algorithm (alg)

--

Token Type (typ)

--

Decoded Payload (JSON)

--

Results Table

Frequently Asked Questions

How does the JWT expiry checker work?

A JWT token is a Base64URL-encoded string with three dot-separated parts: header, payload, and signature. This tool decodes the payload section client-side in your browser, extracts the 'exp' (expiration) Unix timestamp, and compares it to the current time to determine if the token is still valid. No data is ever sent to a server.

What does the expiry checker show?

The tool displays the token's current status (Valid, Expired, or Not Yet Active), the human-readable expiry date and time, the issued-at timestamp (iat), the not-before timestamp (nbf), the total token lifetime in seconds, the signing algorithm, and a full decoded JSON payload of all claims.

Is it safe to check JWT expiry here?

Yes. All decoding happens entirely in your browser using JavaScript — no token data is transmitted to any external server. However, avoid pasting tokens containing highly sensitive production credentials into any online tool as a best practice. This tool does not verify the token's signature, only its claims.

What if my JWT doesn't have an expiry field?

Not all JWTs include an 'exp' claim. If your token omits it, the tool will indicate that no expiry is set and the token does not expire on its own. Other claims like 'iat' and 'nbf' will still be displayed if present.

Can I check tokens that have already expired?

Absolutely. The tool will decode the token regardless of its expiration status and clearly indicate that it is expired, showing how long ago it expired. This is useful for debugging authentication issues.

What is a JWT?

A JSON Web Token (JWT) is a compact, URL-safe token used to securely transmit information between parties. It consists of three Base64URL-encoded parts — a header (algorithm and token type), a payload (claims such as user ID and expiry), and a signature. They are widely used in authentication and authorization flows.

What does the Unix timestamp in the exp field mean?

The 'exp' field stores a Unix timestamp — the number of seconds elapsed since January 1, 1970 (UTC). For example, 1473912000 translates to September 15, 2016. This tool automatically converts that number into a human-readable date and time so you don't need to do the math manually.

What is the difference between exp, iat, and nbf claims?

'exp' (Expiration Time) defines when the token becomes invalid. 'iat' (Issued At) records when the token was created. 'nbf' (Not Before) specifies a time before which the token must not be accepted. All three are Unix timestamps measured in seconds.

More Time & Date Tools