JWT Header Decoder — Examine Algorithm & Key ID
Quick Answer: The JWT header (first segment before the first dot) contains the signing algorithm (alg: RS256, HS256, ES256), key ID (kid) for key rotation, and token type (typ: JWT). Paste your token to decode just the header for debugging signing and verification issues.
FAQ
What information is in the JWT header?
Minimum: alg (signing algorithm) and typ (token type). Often includes kid (key ID for JWKS rotation), jku (JWK Set URL), and x5c (X.509 certificate chain).
What does kid in the JWT header mean?
The kid (Key ID) identifies which key from the JWKS (JSON Web Key Set) was used to sign the token. It enables key rotation without breaking existing tokens.