Base64 JSON Decoder

Decode Base64 JSON
online, free & instant

Paste a Base64-encoded string and get formatted, readable JSON output in one click. Handles both standard Base64 and Base64url — no signup, no server, no data shared.

Open Base64 JSON Decoder

How it works

From Base64 string to readable JSON in seconds

Paste your Base64 string Drop any Base64 or Base64url encoded value into the input. Padding characters are optional — the tool normalises them automatically.

Select Base64 decode Open the Convert tab and choose the Base64 → JSON option. Decoding and formatting happen instantly.

Inspect the JSON The decoded output is pretty-printed with full syntax highlighting. Switch to the tree view to explore nested structures.

Also decode JWT tokens JWT payloads are Base64url-encoded JSON. Use the dedicated JWT tab to decode header, payload, and inspect expiry in one step.

Why jsonfmt.dev

Private, instant, and zero dependencies.

🔒

Fully Private

Decoding uses the browser's native atob() — your data is never transmitted or stored.

🔄

Both Directions

Encode JSON to Base64 or decode Base64 back to JSON — both supported in the same tab.

🔑

JWT Aware

Recognises Base64url from JWT segments and handles missing padding automatically.

More Tools

Related JSON tools

JWT Decoder Decode and inspect JWT tokens — header, payload, signature, and expiry status.

JSON Formatter Pretty-print JSON with syntax highlighting and a collapsible tree view.

JSON to YAML Convert decoded JSON to clean YAML configuration in one click.

JSON Validator Validate the decoded JSON against a schema or check syntax instantly.

Frequently Asked Questions

Common questions answered

What is Base64 encoded JSON?

Base64 JSON is a JSON payload that has been encoded using the Base64 algorithm, producing a string of ASCII characters safe for transport in URLs, HTTP headers, or binary protocols. JWT tokens, for example, use Base64url-encoded JSON for their header and payload segments.

How do I decode Base64 JSON online?

Paste your Base64 string into the Convert tab on jsonfmt.dev and select the Base64 decode option. The tool decodes the string and pretty-prints the resulting JSON with full syntax highlighting.

Is my Base64 data sent to a server?

No. Decoding runs entirely in your browser using the built-in atob() function. Nothing is uploaded or logged.

What is the difference between Base64 and Base64url?

Base64url replaces + with - and / with _ and omits padding = characters, making it safe for use in URLs and HTTP headers. The decoder handles both variants automatically.

Can I also encode JSON to Base64?

Yes. The Convert tab supports both directions — paste JSON to encode it as a Base64 string, or paste a Base64 string to decode it back to JSON.

Learn

What is Base64 encoding for JSON?

Base64 encoding converts binary or text data into ASCII characters safe for text-based protocols. When applied to JSON, Base64 lets you embed a JSON document inside environments that do not support special characters — email headers, URL parameters, XML attributes, or other JSON strings.

This tool provides both encoding (JSON → Base64) and decoding (Base64 → JSON). Paste a JSON document to get its Base64 representation, or paste a Base64 string to decode it back. The decoder handles URL-safe Base64 (using - and _ instead of + and /) and padding variations. This is particularly useful for inspecting JWT payloads and encoded configuration strings.

Encode and decode JSON as Base64
Input
{"user":"Alice","role":"admin"}
Output
Encoded:
eyJ1c2VyIjoiQWxpY2UiLCJyb2xlIjoiYWRtaW4ifQ==

Decode the string above to get
the original JSON back.

Tips & Best Practices

Get the most out of this tool

JWT tokens contain Base64URL-encoded JSON in their header and payload — decode them here to inspect the claims.
Use Base64 encoding when embedding JSON in URL query parameters to avoid escaping issues with special characters.
Base64 increases size by approximately 33% — use it only when transport requires ASCII-safe encoding, not for compression.

Ready to decode your Base64 JSON?

Free forever. No signup. Fully private.

Decode Base64 JSON now

Deep Dive

Understanding Base64 encoding of JSON data

Base64 is a binary-to-text encoding scheme that represents arbitrary binary data using a 64-character alphabet: A–Z, a–z, 0–9, plus (+), and slash (/), with equals signs (=) as padding. JSON is a text format, but when JSON must be embedded in contexts designed for binary data — like binary protocols, URL parameters, or HTTP headers — Base64 encoding converts the JSON text to a safe, ASCII-only representation that survives transmission through systems that are not 8-bit clean.

The JWT (JSON Web Token) standard is the most common context where developers encounter Base64-encoded JSON. A JWT consists of three Base64URL-encoded parts separated by dots: the header (algorithm and token type), the payload (claims like user ID and expiration), and the signature. Base64URL is a variant of Base64 that replaces + with - and / with _, producing URL-safe strings without percent-encoding.

Base64 encoding increases data size by approximately 33%. Every 3 bytes of input produce 4 Base64 characters. A 300-byte JSON object becomes roughly 400 characters when Base64-encoded. This size overhead is the primary downside of Base64 — for large JSON payloads, the encoding overhead is significant. Size-sensitive applications should prefer alternative encoding schemes or avoid embedding large JSON in Base64 contexts.

URL-safe Base64 (Base64URL) is critical when Base64-encoded JSON appears in URLs, URL parameters, or HTTP headers. Standard Base64 uses + and / characters that have special meanings in URLs — + means space in URL-encoded query strings, and / is a path separator. Base64URL substitutes - and _ respectively, producing strings that can be included in URLs without percent-encoding and without altering the decoded value.

Kubernetes stores secrets as Base64-encoded values in YAML manifests. A Kubernetes Secret resource contains a data map where values are Base64-encoded strings — for example, a database password is stored as cGFzc3dvcmQ= rather than password. When Kubernetes secrets contain JSON-formatted values (like service account credentials or Docker registry configurations), decoding the Base64 reveals the nested JSON that needs inspection and formatting.

Environment variables in containerized environments sometimes contain Base64-encoded JSON configuration. Container orchestration platforms like Kubernetes and cloud functions platforms (AWS Lambda, Google Cloud Functions) support injecting configuration as environment variables. When a complex configuration object must be passed as a single environment variable, Base64-encoding the JSON produces a single string that can be stored in one environment variable and decoded at runtime.

The browser's atob() and btoa() functions handle Base64 decoding and encoding. atob("SGVsbG8=") returns "Hello". However, these functions handle only Latin-1 characters — Base64-encoded UTF-8 strings containing non-ASCII characters (emoji, accented characters, CJK characters) require additional UTF-8 decoding after Base64 decoding. Modern browser environments provide TextDecoder for proper UTF-8 handling: new TextDecoder().decode(Uint8Array.from(atob(b64), c => c.charCodeAt(0))).

Use Cases

When Base64 JSON decoding is needed

JWT payload inspection JWT tokens carry user claims in their Base64URL-encoded payload section. Decoding the middle segment of a JWT reveals the user ID, roles, expiration time, and other claims — essential for debugging authentication issues, verifying token contents, and understanding what the server will authorize based on the token.

Kubernetes secret inspection Kubernetes secrets store sensitive values as Base64-encoded strings. When debugging cluster configurations, developers decode secret values to inspect the actual credentials or configuration JSON they contain — for example, Docker registry authentication JSON stored in image pull secrets.

API response with embedded Base64 data Some APIs embed additional data as Base64-encoded JSON within a response field — a common pattern for metadata, continuation tokens, and cursor values used for pagination. Decoding these embedded values reveals the state data the API uses to track pagination position.

Configuration stored in environment variables Cloud functions and containerized apps sometimes receive complex JSON configuration as a single Base64-encoded environment variable. Decoding this variable reveals the full configuration JSON for inspection, debugging, or migration to a different configuration management approach.

Common Mistakes

Base64 JSON decoding pitfalls

Confusing standard Base64 with Base64URL: Standard Base64 uses + and /; Base64URL uses - and _. If you try to decode a Base64URL string (like a JWT segment) with a standard Base64 decoder, the substituted characters cause decoding errors. Always check which variant your source uses before decoding.
Forgetting UTF-8 decoding for non-ASCII content: Base64 decodes bytes, not characters. If the original JSON contained non-ASCII characters (emoji, accented letters, CJK), the decoded bytes need UTF-8 interpretation to produce the correct string. Using atob() alone without UTF-8 decoding produces garbled output for non-Latin-1 content.
Missing padding characters: Standard Base64 requires padding with = characters to make the length a multiple of 4. Base64URL strings often omit padding. If a Base64 decoder returns an error about invalid padding, try adding one or two = characters to the end of the string before decoding.
Treating Base64 as encryption: Base64 is encoding, not encryption. Anyone who sees a Base64-encoded string can immediately decode it without any key. Never use Base64 to "hide" sensitive values — use proper encryption algorithms for that purpose. Kubernetes secrets stored as Base64 are not encrypted; they require Kubernetes encryption-at-rest to be truly secret.

Additional frequently asked questions

What is the difference between Base64 and Base64URL?

Base64URL replaces the + character with - and the / character with _, producing strings that are safe to use in URLs and HTTP headers without percent-encoding. Base64URL also typically omits the trailing = padding characters. JWTs use Base64URL for all three sections. Standard Base64 is used in other contexts like email MIME encoding.

How do I encode JSON to Base64 in JavaScript?

Use btoa(unescape(encodeURIComponent(JSON.stringify(obj)))) for ASCII-safe encoding, or the modern approach: btoa(String.fromCharCode(...new TextEncoder().encode(JSON.stringify(obj)))). The TextEncoder approach correctly handles UTF-8 characters. For Base64URL, additionally replace + with -, / with _, and strip trailing = characters.

Why does my Base64 decoding produce garbled characters?

Garbled output usually means UTF-8 decoding was not applied after Base64 decoding. atob() returns a Latin-1 binary string — if the original data was UTF-8 encoded, you need to apply UTF-8 decoding to the binary string. Use decodeURIComponent(escape(atob(base64string))) or new TextDecoder().decode(Uint8Array.from(atob(str), c => c.charCodeAt(0))).

Is Base64-encoded JSON safe to store in a URL?

Standard Base64 is not URL-safe because it uses +, /, and = characters that require percent-encoding in URLs. Use Base64URL instead (-, _, no padding) for URL-embedded values. Alternatively, percent-encode the standard Base64 string, though this adds length overhead. Base64URL is the correct choice for URL parameters and JWT tokens in URLs.

Decode Base64 JSONonline, free & instant