How to use the Base64 to JSON Decoder
Decode Base64 to JSON instantly:
1
Paste your Base64 string
Paste any Base64-encoded string — standard or URL-safe. For a JWT, paste only the middle section (the payload, between the two dots).
2
Click Decode
The tool decodes the Base64 and detects whether the result is valid JSON. If it is, it pretty-prints it with syntax highlighting.
3
Explore the output
Copy the decoded JSON, or if it is not JSON, read the raw decoded text.
When to use this tool
Use this whenever you need to read the contents of a Base64-encoded string:
- →Decoding a JWT token payload section to inspect its claims (sub, exp, iat, roles) without a dedicated JWT tool
- →Reading a Kubernetes Secret value (which is Base64-encoded by design) to verify its contents
- →Decoding Base64-encoded environment variables that contain JSON configuration
- →Inspecting Base64-encoded tokens, credentials, or API keys that contain JSON internally
- →Decoding webhook payloads or API responses that return Base64-encoded JSON data
- →Verifying that a JSON Base64 encoding round-trip preserved the data correctly
Frequently asked questions
Q:How do I decode a JWT token payload?
A JWT has three dot-separated sections: header.payload.signature. The header and payload are Base64url-encoded. To read the payload, copy the middle section (between the first and second dots) and paste it here. The tool decodes it and pretty-prints the JSON claims. Note: this tool only decodes — it does not verify the JWT signature.
Q:How do I decode a Kubernetes Secret?
Kubernetes stores Secret values as Base64-encoded strings in YAML/JSON manifests. To read a secret value, find the data field in the Secret manifest, copy the Base64 value for the key you want to inspect, and paste it here. The tool decodes it and shows the plain-text or JSON content.
Q:What if the Base64 decodes to non-JSON content?
If the decoded content is not valid JSON, the tool shows the raw decoded string. This handles Base64 strings that contain plain text, CSV data, XML, or binary data that was text-encoded. The tool will label the output clearly as 'not JSON' so you know the type of content.
Q:Does it handle URL-safe Base64?
Yes — URL-safe Base64 uses - instead of + and _ instead of /. This variant is used in JWTs, OAuth tokens, and many modern APIs. The decoder automatically detects and normalises both variants without any toggle needed.
Q:Can I decode multiple Base64 strings at once?
The tool decodes one Base64 string at a time. For bulk decoding of multiple values (like multiple Kubernetes Secret keys), decode them one at a time and copy each result.
Q:Is my data sent to a server?
No. All decoding happens client-side in your browser using native atob() and TextDecoder APIs. No data is transmitted, logged, or stored. You can safely decode real secrets, credentials, and sensitive configuration values.