DEV Community

Jorge Alberto Díaz Orozco (Akiel)
Jorge Alberto Díaz Orozco (Akiel)

Posted on

Decode JSON Web Token in your terminal


Probably there are tens of applications to do this. I know for sure they are out there, but at the time I was reading this post on Reddit about how to get the downloads limit on DockerHub I could not find any of them. The requirements were pretty straight forward. I need one application I can push a token and it will output formatted JSON. No validation or fancy things required. I would love to colorize the output, but that's completely optional.

And out of this need, I got my Saturday project on.

We don't need to re-invent the wheel. Decoding is already done by a lot of libraries, I just needed to pick one and wrap everything in a nice GO CLI interface.


One of the main reasons why I love to use GO is because I can build my applications for almost any platform/architecture. The binaries are a bit "fat", but let's face it: Storage is already pretty cheap and most people will just not care about a couple of megabytes.
I ended up searching for a nice library to do all the work for me and found go-jose. This decodes my token without problems and places all the claims into a GO map structure which I can later marshal as JSON.

var claims map[string]interface{}

token, err := jwt.ParseSigned(tokenString)
if err != nil {
    return "", err
err = token.UnsafeClaimsWithoutVerification(&claims)
if err != nil {
    return "", err
Enter fullscreen mode Exit fullscreen mode

Well, all the hard work is done. Let's grab a beer and enjoy :-)
I added an argument -t to pass the token to my application:
tokenArgument := flag.String("t", "", "Token to decode. If not specified will try to read it from stdin.")
And some code to read from stdin if the token was not specified using the command line argument.
Then added optional colorization because life is better with colors, so I used TylerBrock/colorjson to optionally output colorized text.


I was a bit lazy here, so I just added some tests to check that the main methods are still doing what they are supposed to do, added a GitHub action to build and test the application every time someone pushes it or creates a pull request, and that is it.


There are tons of ways to release applications. So many package managers and intricate ways maintainers have decided they want their software to be installed. For now, I'll just release the binaries and the users just need to download them and use them as they want. There's also a GitHub action for releasing GO applications ( that worked perfectly for me. In the future, I'll be adding at least Ubuntu snaps support.

How to use

As my requirements were pretty simple the usage of the application is also simple. Just pass the token as an argument jwt-decode -t "ABeautifulToken" or pipe it in echo "ABeautifulToken" | jwt-decode and it will do the work. Want colors? Use it with -c and it will be 150% better.



And that's it. This is the result of my today's adventure trying to make everything nicer for me and my fellow devs. Feel free to leave some love materialized as GitHub stars for me.
You can download the proper binary for your distribution and start decoding JSON Web Tokens like a jedi from your terminal today from the GitHub release page.

Top comments (0)