Is my JWT token transmitted to any server for expiration checking?

Never. All JWT decoding and expiration countdown calculations run 100% client-side. The token parts are parsed using standard base64url decoding functions locally inside your browser.

What happens if my token does not have an 'exp' claim?

If the token does not contain an 'exp' (Expiration Time) claim, the tool will report 'No Expiry' and flag it as an indefinite lifespan token. In standard specifications, the 'exp' claim is optional, though recommended.

How does the countdown ticker update the state?

Our engine decodes the exact Unix epoch time in the token. A lightweight Javascript interval runs once per second to calculate the duration between the expiration epoch and your device's current system time, updating the badge color states dynamically.

JWT Expiry Checker

100% Client-Side

Paste your JWT token to instantly check expiration times, lifespan details, and view active/expiring countdown timers securely offline.

JWT Token Input

No secret or signature key is required to check token lifespans. We only parse public claims data.

Lifespan & Expiry Report

Paste a valid token in the left panel to execute expiration calculations.

Frequently Asked Questions

What are registered claims in a JSON Web Token?

Registered claims are predefined claims recommended by the JWT specification (RFC 7519) to ensure interoperability. They include: exp (Expiration Time), iat (Issued At), nbf (Not Before), iss (Issuer), and sub (Subject).

Does this tool support JSON Web Encryption (JWE)?

No. JWE structures are 5-part encrypted tokens whose internal payloads are completely scrambled and secure from public reading. Only 3-part signed JWS tokens can have their claims parsed client-side without verification keys.

Can an expired token still be validated or verified?

While the signature of an expired token remains mathematically correct and certifiably verified, servers and validation libraries will reject its claims since the token has crossed its secure lifespan boundary.

Understanding the exp, iat, and nbf Claims

Standard JSON Web Tokens employ integer claims representing the exact seconds elapsed since the Unix Epoch (January 1, 1970 00:00:00 UTC):

Expiration Time (exp): The exact timestamp on or after which the JWT must not be accepted for processing.
Issued At (iat): The exact timestamp at which the JWT was compiled. Useful to check the age of a token.
Not Before (nbf): The exact timestamp before which the JWT must not be accepted for processing.

Expiring Soon State Ticker

Our checker introduces an Expiring Soon threshold warning. When the token is active but has less than 24 hours remaining before crossing its expiration timestamp, the status badge automatically turns Orange.

This assists security teams and developers in identifying tokens that are highly vulnerable to immediate expiration and might require proactive session renewals or programmatic rotations.