JSON Web Encryption (RFC 7516) bundles ciphertext, an integrity tag, and the key-wrapping material into five base64url segments. Decryption requires the recipient's private key, but the protected header — and the structure itself — can always be inspected. Paste a compact JWE below to see every part.
Compact JWE
Structure
A compact JWE has five base64url-encoded parts separated by dots: header.encrypted key.iv.ciphertext.tag
JWE decryption requires the recipient's private key (or a shared symmetric key for dir and key-wrap modes), and is intentionally not performed in this tool — pasted secrets stay in your browser, but the safer pattern is to verify and decrypt server-side. Use the algorithm summary above to pick the right key-management routine, then feed the five segments to your JOSE library.