Are my Cognito tokens sent anywhere?

No, all decoding happens locally in your browser ensuring your Cognito credentials remain secure.

Can I verify the signature?

Decoding and signature verification are different steps. You can see the claims without the private key.

Loading tool runtime...

The Cognito JWT Decoder allows you to inspect authentication tokens and specific claims from Cognito.

Open Cognito JWT Decoder and enter the source input you want to work with.
Run the tool once with a small sample so you can confirm the result format.
Copy, download, or reuse the output in your target app after a quick verification pass.

Inspect Cognito session token claims and expiration.

Verify your Cognito integration payload structure.

Debug authorization issues locally during Cognito development.