JWT (JSON Web Token)Regex — Pattern, Examples & Code
^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$What it matches / doesn't match
| Matches ✅ | Does not match ❌ |
|---|---|
●eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.abc123 | ●not.a.jwt! |
●eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiJ9.e30.sig | ●onlytwoparts.here |
●has spaces in.the.token |
How it works
Matches the three-segment structure of a JWT: header, payload, and signature, each encoded in Base64URL (A–Z, a–z, 0–9, _, -). The signature segment may be empty for unsecured tokens (alg: none). This pattern validates structural format only — use a JWT library to verify the signature and claims.
Code Usage
JavaScript
const regex = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/;
regex.test("eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.abc"); // truePython
import re
pattern = re.compile(r'^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$')
bool(pattern.match("eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.abc")) # TrueGo
import "regexp"
r := regexp.MustCompile(`^[A-Za-z0-9_-]+.[A-Za-z0-9_-]+.[A-Za-z0-9_-]*$`)
r.MatchString("eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.abc") // trueNeed a custom regex for a different use case?
Generate a custom regex with AI →FAQ
What does the JWT (JSON Web Token) regex pattern match?
Matches the three-segment structure of a JWT: header, payload, and signature, each encoded in Base64URL (A–Z, a–z, 0–9, _, -). The signature segment may be empty for unsecured tokens (alg: none). This pattern validates structural format only — use a JWT library to verify the signature and claims.
How do I use the JWT (JSON Web Token) regex in JavaScript?
const regex = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/; regex.test("eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.abc"); // true
Can I use the JWT (JSON Web Token) regex in Python?
Yes. import re pattern = re.compile(r'^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$') bool(pattern.match("eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ1c2VyIn0.abc")) # True