Skip to main content
← All extensions

JWT Session

Find and decode your session JWTs, with expiry countdown and alg:none alerts

chromeedgebraveoperafirefox🔒 Zero telemetryVersion 1.0.0
Download the extension for ChromeDownload the extension for Firefox

Description

Scans the active tab's real session — non-httpOnly cookies, localStorage and sessionStorage — and automatically detects any JSON Web Tokens present. It decodes them read-only (header and payload), shows each token's origin, a live countdown to expiry (exp) and flags unsigned tokens (alg:none) with an alert. No signature verification, no session mutation: 100% offline analysis, zero telemetry.

Features

  • Automatic JWT detection across non-httpOnly cookies, localStorage and sessionStorage
  • Read-only decoding of header and payload (never mutates the session)
  • Live countdown to expiry with expired/valid state per token
  • Security alert for unsigned tokens (alg:none)
  • Explicit provenance for each token (origin + key)
  • 100% offline, no data leaves the browser, zero telemetry

Privacy

100% local processing in your browser. Zero telemetry: no data is sent to external servers.

Required permissions

  • activeTab
  • scripting
  • storage

Screenshots

JWT Session

Supported browsers

chromeedgebraveoperafirefox