I'm working on a website that stores JWT token inside cookies. What I want to do is, create Javascript that decodes the token and extracts the value I need and pass it on to the another Javascript written by my co-worker. My question is, is there client-side javascript library for JWT token decoding that I can import from my script?

I'm working on a website that stores JWT token inside cookies. What I want to do is, create Javascript that decodes the token and extracts the value I need and pass it on to the another Javascript written by my co-worker. My question is, is there client-side javascript library for JWT token decoding that I can import from my script?

• javascript
• jwt

• 2 Check this: jwt.io/#libraries Look for Javascript section – Mike Cheel Commented Oct 12, 2016 at 18:51
• 1 @MikeCheel 's comment is very useful if you need to verify a signed JWT or decode a crypted JWT. But if you just want o read an uncrypted JWT, you just need to base64 decode it as described in the answer from bhspencer – Andreas Lundgren Commented Oct 13, 2016 at 19:25
• Be careful, the user can tamper with that and since you don't have access to the shared secret on the backend, it won't be reliable ever. – aderchox Commented Apr 14, 2022 at 11:55

2 Answers 2

EDIT: It has come to my attention that this answer is incorrect. Please see this answer instead How to decode jwt token in javascript without using a library?

A JWT is just a dot separated base64 encoded string. You just need to split on the dots and then use atob() to decode. You don't need an external library.

e.g.

var jwt = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiYWRtaW4iOnRydWV9.TJVA95OrM7E2cBab30RMHrHDcEfxjoYZgeFONFh7HgQ";

var tokens = jwt.split(".");

console.log(JSON.parse(atob(tokens[0])));
console.log(JSON.parse(atob(tokens[1])));

https://github.com/auth0/jwt-decode : jwt-decode is a small browser library that helps decoding JWTs token which are Base64Url encoded.