Size Analyzer
JWT size analyzer online. Check JWT token length in characters and bytes. See header vs payload size breakdown and get warnings for oversized tokens.
Why JWT Size Matters
- • JWTs are sent with every HTTP request in the Authorization header
- • Large tokens increase bandwidth and can exceed server header limits
- • Some proxies and load balancers have strict header size limits
- • Cookies have a ~4KB limit if you're storing JWTs there
Features
- Measures the total token length in characters and bytes
- Breaks down how much space the header, payload, and signature use
- Warns when a token is large enough to bump into common limits
- Helps you see which claims are inflating the payload
- Runs locally so tokens stay on your machine
Common Use Cases
- Trimming a token that no longer fits inside a cookie
- Investigating why requests fail with header-too-large errors
- Deciding which claims to move out of the token and fetch on demand
- Keeping mobile requests lean where every byte of overhead counts
Why token size is worth watching
A JWT is sent on every request that needs authentication, usually in the Authorization header. That means the token's size is pure overhead added to each call, so a bloated payload quietly slows things down and eats bandwidth.
Size also runs into hard limits. Many web servers cap total header size (commonly around 8 KB), reverse proxies and load balancers may be stricter, and if you store the token in a cookie you are bound by the ~4 KB per-cookie limit. Tokens usually grow because of large or numerous custom claims.
If a token gets too big, the usual fix is to keep only an identifier in the token and look up the rest of the data server-side.
Examples
{ "sub": "123", "exp": 1916239022 }{ "sub": "123", "permissions": ["a","b","c","d","e","f","g"], "profile": { "bio": "..." } }