Are my Keycloak tokens sent anywhere?

No, all decoding happens locally in your browser ensuring your Keycloak credentials remain secure.

Can I verify the signature?

Decoding and signature verification are different steps. You can see the claims without the private key.

Loading tool runtime...

The Keycloak JWT Decoder allows you to inspect authentication tokens and specific claims from Keycloak.

Open Keycloak JWT Decoder and enter the source input you want to work with.
Run the tool once with a small sample so you can confirm the result format.
Copy, download, or reuse the output in your target app after a quick verification pass.

Inspect Keycloak session token claims and expiration.

Verify your Keycloak integration payload structure.

Debug authorization issues locally during Keycloak development.