The playground

Try any of 919 endpoints — live.

Pick an endpoint, load a working example, tweak the params, and send — no signup to try. Results render the way the data deserves; raw JSON, headers & code are one tab away.

Playground demo key · api.reefapi.com

post/dev-utils/v1/jwt_decode1 credit

Decode a JWT WITHOUT needing the key (header+payload+claims analysis); optionally verify the signature with a provided key. Decode-only — this API never signs tokens.

Working example

Parameters

tokenrequired

The JWT to decode.

verify_keyoptional

Optional verification key: the HMAC secret (HS*) or PEM public key (RS*/ES*/PS*). Algorithm is taken from the token header (whitelisted; alg=none always fails).

request preview

curl -X POST https://api.reefapi.com/dev-utils/v1/jwt_decode \
  -H "x-api-key: $REEF_KEY" \
  -H "content-type: application/json" \
  -d '{"token":"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c","verify_key":"your-256-bit-secret"}'

Hit Send to run this endpoint live.