Decode a JWT Token in PHP Without External Libraries
Decode and parse the header and payload of a JWT using base64 and json_decode.
edit_note
PHP Code Editor
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
<?php
$jwt = 'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.'
. 'eyJ1c2VyX2lkIjoxMjMsIm5hbWUiOiJKb2huIERvZSJ9.'
. 'signaturepartignored';
// Split JWT into parts
$parts = explode('.', $jwt);
if (count($parts) !== 3) {
exit("Invalid JWT format\n");
}
// Decode base64url
function b64url_decode($data) {
return base64_decode(strtr($data, '-_', '+/'));
}
$header = json_decode(b64url_decode($parts[0]), true);
$payload = json_decode(b64url_decode($parts[1]), true);
// Output
echo "Header:\n";
print_r($header);
echo "\nPayload:\n";
print_r($payload);
הההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההההה
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
settingsPHP Version
panorama_fish_eye
7.2
panorama_fish_eye
7.4
panorama_fish_eye
8.0
panorama_fish_eye
8.1
task_alt
8.2
panorama_fish_eye
8.3
panorama_fish_eye
8.4
panorama_fish_eye
8.5
terminal
Execution Result
play_circle_outline
Ready to execute
Click the "Run Script" button to see the output here
article
Description
This snippet shows how to decode a JSON Web Token (JWT) in PHP using only built-in functions, without relying on third-party libraries.
It extracts the token’s header and payload by splitting the token into parts, decoding each using base64, and parsing the resulting JSON into associative arrays.
This is useful when you want to inspect or debug JWT tokens, especially in a sandbox or development environment, without verifying the signature.
Comments
No comments yet
Be the first to share your thoughts!