/decode /verify /sign

Open source · Client-side · Zero backend

JSON Web Tokens
decoded.

Decode, verify, and generate JWTs. Entirely in your browser. No data leaves your machine.

Start debugging View on GitHub

Scroll

— Downloads

— GitHub Stars

0 Tests Passing

0 Themes

0 Languages

0 Libraries

cli

JWT operations from your terminal

🔓

Decode JWT

Pretty-print header + payload with colors

tokx decode <token>

🔐

Encode JWT

Sign tokens with any algorithm

tokx encode --secret s --payload {}

✓

Verify Signature

Validate with badge output

tokx verify <token> --secret s

📚

Browse Libraries

46 libraries across 31 languages

tokx libs --language Go

📄

JSON Output

Machine-readable for piping to jq

tokx decode <token> --json

⏳

Async Spinner

Visual feedback for async operations

⠋ Signing token...

📦

Box Output

Box-framed decoded sections

┌─ HEADER ──────┐

🏅

Verify Badge

Double-line verification badges

╔══ ✓ VERIFIED ══╗

🎨

Color-Coded

JWT parts in red.purple.cyan

header.payload.signature

🔗

Stdin Piping

Unix-friendly composability

echo TOKEN | tokx decode -

🚫

NO_COLOR

Respects NO_COLOR standard

NO_COLOR=1 tokx decode ...

🚪

Exit Codes

Proper exit codes for scripts

0=ok 1=input 2=verify 3=error

why tokx?

Stop the manual decoding

The Old Way

bash

$ echo "eyJhbGci..." | cut -d. -f2

eyJzdWIiOiIxMjM0NTY3ODkw...

$ echo "eyJzdWIi..." | base64 -d

{"sub":"1234567890","name":"John"}

$ # Now do the header too...

$ # And verify the signature?

# Good luck with that manually

The tokx Way

tokx

$ tokx decode eyJhbGci...

┌─ HEADER (HS256) ──────┐

│ { "alg": "HS256" } │

└────────────────────────┘

✓ sub 1234567890

✓ iat 2018-01-18

Algorithm: HS256

install

Available on every platform

Quick Start

npx tokx-cli decode <token>

Global Install

npm i -g tokx-cli

Quick Start

pnpm dlx tokx-cli decode <token>

Global Install

pnpm add -g tokx-cli

Quick Start

yarn dlx tokx-cli decode <token>

Global Install

yarn global add tokx-cli

Quick Start

bunx tokx-cli decode <token>

Global Install

bun add -g tokx-cli

Quick Start

brew install hammadxcm/tap/tokx

Global Install

brew install hammadxcm/tap/tokx

Quick Start

pip install tokx

Global Install

pip install tokx

Quick Start

cargo binstall tokx-bin

Global Install

cargo binstall tokx-bin

Quick Start

sudo snap install tokx

Global Install

sudo snap install tokx

Quick Start

scoop install hammadxcm/tokx

Global Install

scoop install hammadxcm/tokx

Quick Start

choco install tokx

Global Install

choco install tokx

Quick Start

winget install hammadxcm.tokx

Global Install

winget install hammadxcm.tokx

Use as a library

import { decode, encode, verify } from '@tokx/core'

cli in action

See tokx in your terminal

Decode a JWT

tokx

$ tokx decode eyJhbGciOiJIUzI1NiIs...

████████████.████████████████████████.███████████████

┌─ HEADER (HS256) ──────────────┐

│ { "alg": "HS256", "typ": "JWT" } │

└──────────────────────────────────┘

✓ sub 1234567890

✓ iat 2018-01-18T01:30:22.000Z

JSON output

tokx

$ tokx decode <token> --json

{ "header": { "alg": "HS256" }, "payload": { "sub": "123" } }

Pipe from stdin

tokx

$ echo $TOKEN | tokx decode -

┌─ HEADER (RS256) ─┐

│ { "alg": "RS256" } │

└────────────────────┘

Sign a new JWT

tokx

$ tokx encode --secret my-secret --payload '{"sub":"123"}'

⠋ Signing token...

✓ Token signed (HS256)

eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

With expiration

tokx

$ tokx encode --secret s --payload '{"sub":"1"}' --expires 3600

✓ Token signed (HS256)

eyJhbGciOiJIUzI1NiIs... (expires in 1h)

Valid signature

tokx

$ tokx verify <token> --secret my-secret

⠋ Verifying signature...

╔══════════════════════════╗

║ ✓ SIGNATURE VERIFIED ║

╚══════════════════════════╝

Invalid signature

tokx

$ tokx verify <token> --secret wrong

╔═══════════════════════╗

║ ✗ INVALID SIGNATURE ║

╚═══════════════════════╝

signature verification failed

Filter by language

tokx

$ tokx libs --language Python

┌────────────┬───────┬────────┬──────────────────┐

│ Library │ Lang │ ★ │ Install │

├────────────┼───────┼────────┼──────────────────┤

│ PyJWT │ [PY] │ ★ 5.1k │ pip install PyJWT│

│ authlib │ [PY] │ ★ 4.5k │ pip install authlib│

└────────────┴───────┴────────┴──────────────────┘

JSON output

tokx

$ tokx libs --json | jq ".[0].name"

"jsonwebtoken"

api

Import @tokx/core in your project

Exports

decode(token) Decode JWT without verification

encode(options) Sign a JWT with any algorithm

verify(token, opts) Verify signature + validate claims

ALGORITHMS All 13 supported algorithm metadata

base64url Encode/decode/validate base64url

isSymmetric(alg) Check if algorithm uses shared secret

npm install @tokx/core

app.ts

import { decode, encode, verify } from '@tokx/core';

// Decode
const { header, payload } = decode(token);

// Encode
const jwt = await encode({
  algorithm: 'HS256',
  payload: { sub: '123', role: 'admin' },
  secret: process.env.JWT_SECRET,
});

// Verify
const result = await verify(jwt, {
  algorithm: 'HS256',
  secret: process.env.JWT_SECRET,
});
// { valid: true }

JSON Web Tokens decoded.

JWT operations from your terminal

Decode JWT

Encode JWT

Verify Signature

Browse Libraries

JSON Output

Async Spinner

Box Output

Verify Badge

Color-Coded

Stdin Piping

NO_COLOR

Exit Codes

Stop the manual decoding

The Old Way

The tokx Way

Available on every platform

See tokx in your terminal

Decode a JWT

JSON output

Pipe from stdin

Sign a new JWT

With expiration

Valid signature

Invalid signature

Filter by language

JSON output

Import @tokx/core in your project

Exports

JSON Web Tokens
decoded.