Base64 to JSON Decoder Online — Decode & Format

Decode Base64 (including Base64url JWT payload segments and Kubernetes Secret data values), parse as JSON, and pretty-print — instantly and 100% in your browser.

What is a Base64 to JSON decoder?

A Base64 to JSON decoder reverses Base64 encoding to recover the original bytes, then parses those bytes as JSON and pretty-prints the result. The two-step pipeline — Base64 decode, then JSON.parse — is the exact path used to read JWT claims, inspect Kubernetes Secret data, and unwrap Base64-encoded JSON payloads embedded in API responses, environment variables, or query strings.

Base64 turns arbitrary bytes into ASCII so they can travel through HTTP headers, URLs, and YAML manifests without escaping. JSON is the most common payload Base64 wraps. The OpenFormatter decoder handles both standard Base64 (+ / with = padding) and URL-safe Base64url (- _, padding optional) — paste either flavour and it normalises the alphabet and pad before decoding.

How to decode Base64 to JSON — 4 steps

  1. Paste the Base64 string. For a JWT, copy only the middle segment (between the two dots). For a Kubernetes Secret, copy the value after the key under data:. Click Load Sample to try a real JWT payload.
  2. Click Decode. The tool normalises Base64url characters, re-pads if needed, decodes through UTF-8, then parses the result with JSON.parse.
  3. Inspect the JSON. A green Done badge confirms valid JSON. An Error badge surfaces the parse error so you know whether the issue is the Base64 or the JSON inside it.
  4. Copy the formatted JSON. Click Copy to send the pretty-printed JSON to your clipboard for tests, logs, or further inspection.

Sample input and output

Base64 input (JWT payload segment)

eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6
IkphbmUgRG9lIiwiZW1haWwiOiJqYW5lQGV4
YW1wbGUuY29tIiwicm9sZXMiOlsiYWRtaW4i
LCJ1c2VyIl0sImlhdCI6MTcxNjIzOTAyMn0

Decoded JSON output

{
  "sub": "1234567890",
  "name": "Jane Doe",
  "email": "jane@example.com",
  "roles": ["admin", "user"],
  "iat": 1716239022
}

JWT-Aware Decoding

Accepts Base64url JWT payload segments without manual padding — paste the middle segment of any JWT and read the claims instantly.

JSON Validation

Pretty-prints the decoded JSON or surfaces a parse error if the bytes inside the Base64 are not valid JSON.

Local Decoding

Base64 decode and JSON parse run inside the browser. JWTs, Secret data, and customer payloads stay on your device.

Common use cases

  • check_circleDecoding JWT payload segments to read claims (sub, iat, exp, scopes) during auth debugging
  • check_circleInspecting Kubernetes Secret data values that contain JSON service-account keys
  • check_circleReading Base64-encoded JSON returned by OAuth and OIDC token introspection endpoints
  • check_circleUnwrapping Base64-encoded JSON in webhook signature payloads (Stripe, GitHub, AWS SNS)
  • check_circleDecoding Base64 JSON stored in environment variables for serverless functions
  • check_circleReading CloudEvents or AWS EventBridge events whose data field is Base64-encoded
  • check_circleInspecting JSON blobs returned in data: URIs (data:application/json;base64,...)
  • check_circleDecoding the JSON portion of multipart API responses or signed envelopes

Base64 to JSON vs plain Base64 decode

A plain Base64 decoder gives you raw text, leaving you to format the JSON yourself. This decoder fuses the two operations: it decodes the Base64, parses the result with JSON.parse, and pretty-prints — so a malformed JSON inside valid Base64 surfaces immediately rather than dumping a single-line blob you then have to feed into a separate formatter. For pure binary content (PNGs, gzipped data, protobuf), use the plain Base64 decoder instead.

Working with the result?

Once decoded, format, validate, or convert the JSON further with the rest of OpenFormatter.

JSON FormatterJSON ValidatorJSON to Base64

Frequently Asked Questions

Why does my JWT payload look like Base64?

A JWT is three Base64url segments joined by dots: header.payload.signature. The middle segment is a Base64url-encoded JSON object containing the claims (sub, iat, exp, custom claims). Copy just the middle segment, paste it into this tool, and the JSON claims become readable. The header and signature parts are not JSON in the same way and use the same Base64url encoding.

Is the result URL-safe Base64 or standard Base64?

The decoder accepts both. Standard Base64 uses + and / with = padding; URL-safe Base64url replaces + with - and / with _ and may omit padding. The tool normalises - to +, _ to /, and re-adds missing padding before calling atob, so you can paste either flavour without preprocessing.

How do I decode a Kubernetes Secret data field?

kubectl get secret <name> -o yaml shows the data: map with each value Base64-encoded. Copy a single value (the string after the key:), paste it here, and if the original was JSON (for example a service-account.json or a config blob) it will be decoded and pretty-printed. For non-JSON secrets, use a plain Base64 decoder.

Will this tool verify a JWT signature?

No. This is a decoder, not a verifier. It reads the payload claims so you can inspect the data, but it does not validate the HMAC or RSA signature against the issuer's key. Treat the decoded claims as untrusted input — never trust them for authorisation without server-side verification.

What if the decoded Base64 is not JSON?

The decoder reports a JSON parse error and shows the problem. The decoded bytes might be plain text, a binary blob, or a JWT segment that needs further parsing. Use the plain Base64 Decoder tool to view non-JSON content as raw text.

Why does my decoded JSON contain garbled characters?

The original payload was UTF-8 but was decoded as ASCII somewhere upstream. This tool decodes through decodeURIComponent(escape(atob(...))) so multi-byte UTF-8 sequences (emoji, accented characters, CJK glyphs) survive correctly. If you still see mojibake the Base64 itself is corrupted — check for accidental whitespace or truncation when copying.

Is my Base64 sent to your servers?

No. Decoding and JSON parsing happen entirely in your browser using atob and JSON.parse. JWTs and Secrets often contain user IDs, email addresses, or scopes you do not want logged externally — open DevTools Network tab and confirm no requests are made when you click Decode.

Can I decode multiple Base64 strings at once?

The decoder processes one string per run. For batch decoding (for example, decoding every value in a Kubernetes Secret data map) script it locally with jq and base64 -d, or run the decoder repeatedly — nothing is uploaded so there are no rate limits.

Related Tools

JSON to Base64

Encode JSON as Base64 for Secrets and tokens

JSON Formatter

Beautify and indent JSON for readability

JSON Validator

Check JSON syntax with line-precise errors

Base64 to XML

Decode Base64-encoded XML payloads

Base64 to YAML

Decode Base64-encoded YAML configs

All JSON Tools

Browse the full JSON toolkit

Developer Insights

From the Blog

View all articlesarrow_forward
Formats8 min read

YAML vs JSON in 2024: When to Use Each

A definitive guide on choosing the right data serialization format for modern infrastructure.

Read articlearrow_forward
Engineering6 min read

Why JSON Formatting Matters More Than You Think

How proper JSON structure prevents production bugs, improves debugging, and makes code reviews faster.

Read articlearrow_forward
Privacy4 min read

The Case for 100% Client-Side Data Processing

Why we built OpenFormatter to process all data locally, and what that means for your workflow security.

Read articlearrow_forward
Base64 to JSON Decoder Online — Decode & Format