1. Debugging an HS256 Authentication Token
Backend DeveloperBackground
A backend developer is building a Node.js API and users are reporting random logouts.
Problem
Need to verify if the issued JWTs are expiring too quickly and if the signature matches the server's secret.
How to use
Paste the user's JWT into the JWT Token field and enter the server's secret into the HMAC Secret field.
Outcome
The tool decodes the payload, revealing an 'exp' claim set to only 5 minutes, and confirms the signature is valid, pinpointing the short expiration as the root cause.