Launching a SaaS?·Collect waitlist signups before you build — before.run
SandboxPatternsDetectDocs
Security
#jwt
#token
#auth
#security

JWT Token

Matches a JSON Web Token (JWT) — three Base64URL-encoded segments separated by dots.

JWT format validationAuth middlewareAPI token parsing
/
/
Test String
1 match
[…]+Character class […]Matches any single character listed in this set — repeated one or more times (greedy) · + — one or more times (greedy)
A-ZA-ZA-Z — range from 'A' to 'Z'
a-za-za-z — range from 'a' to 'z'
0-90-90-9 — range from '0' to '9'
__'_' — literal character
--'-' — literal character
\.\.\. — escaped character '.'
[…]+Character class […]Matches any single character listed in this set — repeated one or more times (greedy) · + — one or more times (greedy)
A-ZA-ZA-Z — range from 'A' to 'Z'
a-za-za-z — range from 'a' to 'z'
0-90-90-9 — range from '0' to '9'
__'_' — literal character
--'-' — literal character
\.\.\. — escaped character '.'
[…]+Character class […]Matches any single character listed in this set — repeated one or more times (greedy) · + — one or more times (greedy)
A-ZA-ZA-Z — range from 'A' to 'Z'
a-za-za-z — range from 'a' to 'z'
0-90-90-9 — range from '0' to '9'
__'_' — literal character
--'-' — literal character
Pattern: 46 charsInput: 108 chars
100% client-side · private

Valid Examples

  • eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIn0.dozjgNryP4J3jVmNHl0w5N_XgL0n3I9PlFUP0THsR8U

Invalid Examples

  • not.a.jwt.with.too.many.dots
  • onlytwoparts.here
  • plain-string