When do I need to decode Base64?

When you receive Base64-encoded data from: API responses (binary data wrapped in JSON), email attachments (MIME-encoded files), HTTP Basic Auth headers (decoded credentials), JWT tokens (Base64URL payloads), data: URIs in CSS/HTML, or any system that text-encodes binary for transmission. Decoding recovers the original content for inspection, processing, or storage.

Why does my decoded output look like garbage?

If the input was binary (an image, PDF, executable), decoding produces binary bytes that don't render as readable text — that's expected. Use a file decoder for binary, or interpret the binary in your application code (parse as image, write to file, etc.). If you encoded text and the output is garbage, your input might be corrupted or in a non-UTF-8 encoding.

What's the difference between Base64 and Base64URL when decoding?

Base64URL replaces standard '+' and '/' with '-' and '_' for URL safety, and may omit '=' padding. A proper decoder accepts both — automatically substituting characters back and re-adding padding. If your decoder strictly expects standard Base64, replace '-' with '+' and '_' with '/' before decoding, and append '=' until length is divisible by 4.

How do I detect if a string is valid Base64?

Valid Base64 contains only A-Z, a-z, 0-9, +, / (and = padding). Length must be divisible by 4 (with padding) or otherwise compliant with Base64URL rules. Invalid characters cause decoding errors. Note: just because a string looks like valid Base64 doesn't mean it represents valid data — the decoded bytes might still be meaningless.

Can I decode multiple Base64 strings at once?

This tool decodes one input at a time. For batch decoding (multiple Base64 strings, or strings concatenated in JSON/JSONL), use a script in your language of choice — most languages have built-in Base64 decoders (Python: base64.b64decode, JavaScript: atob, Node.js: Buffer.from(s, 'base64')).

Is decoding lossless?

Yes. Base64 is a lossless encoding — decoded output is bit-for-bit identical to what was originally encoded. There's no compression, no quality loss, no rounding. Encoding and then decoding produces exactly the input you started with, every time.

Is the data sent to a server?

No. All decoding happens entirely in your browser using JavaScript's atob() function. Your encoded data never leaves your device — safe for confidential payloads, internal API responses, or any sensitive data. Works offline once loaded.

Base64 Decoder

Decode Base64 strings back to readable text online instantly. Free Base64 decoder for converting encoded data and content safely.

Encoding / Decoding

Instant results

Go to Encoder

Base64 Input0 characters

Decoded Text

About Base64 Decoding

Base64 decoding converts Base64 encoded text back to its original form. This tool supports both standard Base64 and URL-safe Base64 formats. All processing happens in your browser for complete privacy.

How to Use Base64 Decoder

Paste Base64 input

Paste your Base64-encoded string into the input field. The tool accepts both standard Base64 (with '+' and '/') and Base64URL (with '-' and '_'), with or without '=' padding.

View decoded output

Decoding happens instantly. Text input produces readable output; binary input (images, PDFs) produces non-printable bytes that are best handled programmatically rather than displayed.

Detect errors automatically

If your input contains invalid Base64 characters or has incorrect length, an error message displays the problem location. Common issues: extra whitespace, missing padding, wrong character set.

Copy or use the result

Click Copy to use the decoded output elsewhere. For text, paste it into your application; for binary, use a file decoder tool to save it as the original file (image, PDF, etc.).

When to Use Base64 Decoder

Inspecting JWT token payloads

JWTs (JSON Web Tokens) are three Base64URL-encoded segments separated by dots: header.payload.signature. Decode the middle segment (payload) to see the claims (user ID, expiration, scopes) without server-side validation. Useful for debugging authentication, understanding token contents, and verifying claim values.

Reading email attachments programmatically

Email parsing libraries deliver attachments as Base64-encoded MIME parts. Decode the Base64 to recover the original file bytes — then save to disk, scan for malware, extract data, or process the contents. Essential for email automation, ticketing systems, and email-to-database integrations.

Extracting embedded images from CSS/HTML

Data: URIs (data:image/png;base64,...) embed images directly in HTML or CSS. To extract these images for editing or storage, copy the Base64 portion and decode it back to binary, then save as a file. Useful when reverse-engineering email templates, examining inlined assets, or building asset extraction tools.

Decoding HTTP Basic Auth credentials

When debugging API requests with Basic Auth, decoding the Authorization header reveals the username:password combination. The header format is 'Authorization: Basic {base64}'. Decode the Base64 portion to verify what credentials are being sent — useful for troubleshooting auth issues without modifying production code.

Base64 Decoder Examples

Decoding plain text

Input

SGVsbG8sIFdvcmxkIQ==

Output

Hello, World!

The 20-character Base64 string decodes back to the original 13-character text. Notice the '==' padding at the end — this indicates the original data was 1 byte short of a 3-byte boundary, requiring 2 padding characters. Decoders strip the padding automatically.

Decoding a JWT payload

Input

eyJzdWIiOiIxMjMiLCJuYW1lIjoiQWxpY2UiLCJpYXQiOjE2MDAwMDAwMDB9

Output

{"sub":"123","name":"Alice","iat":1600000000}

JWT payloads are Base64URL-encoded JSON. Decoding reveals the claims: subject (user ID 123), name (Alice), and issued-at timestamp. The signature segment (third part of JWT) requires the secret to verify but the payload is decodable by anyone — never put confidential data in JWT claims.

Decoding HTTP Basic Auth

Input

YWRtaW46c3VwZXJzZWNyZXQ=

Output

admin:supersecret

Basic Auth encodes 'username:password' as Base64. Decoding reveals the credentials in plaintext. This is why HTTPS is essential — without TLS encryption, anyone on the network path can intercept the Authorization header and decode it as easily as we just did.

Tips & Best Practices for Base64 Decoder

1.Always decode JWT payloads when debugging auth — but never trust them without verifying the signature server-side. Anyone can craft a JWT with arbitrary claims; the signature is what proves the JWT was issued by your authentication system.
2.When decoding fails, check for: (1) URL-encoded Base64 (replace %2B with +, %2F with /, %3D with =), (2) missing padding (append = until length is divisible by 4), (3) Base64URL variant (replace - with +, _ with /), (4) extraneous whitespace or line breaks.
3.For binary data (images, PDFs, executables), the decoded output is binary bytes that won't display as readable text. Use a file decoder tool (or programmatic decoding) to save the bytes to a file with the appropriate extension.
4.Strip whitespace and line breaks before decoding strict implementations. MIME-formatted Base64 (from emails) often has 76-char line breaks; some decoders handle this automatically, others fail. JavaScript's atob() handles MIME-style line breaks fine.
5.Don't paste sensitive Base64 (decoded credentials, secrets, private keys) into untrusted online decoders. This tool runs locally in your browser, but verify before pasting any auth tokens or keys — check the URL is https://, examine page source, or run an open-source decoder locally.
6.Combining decoding with other tools is often useful: Base64-decode → JSON-format (for JWT payloads), Base64-decode → image-viewer (for embedded images), Base64-decode → URL-decode (for nested encodings). Most encoding chains can be reversed step by step.

Frequently Asked Questions

Base64 decoding is the reverse of Base64 encoding — it takes Base64-encoded text (like 'SGVsbG8gV29ybGQ=') and recovers the original binary data or text. The decoder reads each Base64 character (A-Z, a-z, 0-9, +, /, =), maps it to 6 bits, and reconstructs 3 bytes for every 4 input characters.

Base64 Decoder

About Base64 Decoding

How to Use Base64 Decoder

Paste Base64 input

View decoded output

Detect errors automatically

Copy or use the result

When to Use Base64 Decoder

Inspecting JWT token payloads

Reading email attachments programmatically

Extracting embedded images from CSS/HTML

Decoding HTTP Basic Auth credentials

Base64 Decoder Examples

Decoding plain text

Decoding a JWT payload

Decoding HTTP Basic Auth

Tips & Best Practices for Base64 Decoder

Frequently Asked Questions

Related Tools

Base64 Encoder

Hex to Text

Binary to Text Converter

Morse Code Converter

URL Decoder

HTML Entity Decoder