The JWT specification (RFC 7519) defines seven registered claims that carry standardized meaning across all compliant JWT implementations. sub (subject) typically carries the user ID. iss (issuer) identifies the authority that generated the token (e.g., accounts.google.com). aud (audience) specifies which services should accept the token. iat (issued-at) and exp (expiration) define the token's lifetime. nbf (not before) prevents the token from being used too early. jti (JWT ID) is a unique identifier used to prevent replay attacks. Our decoder clearly labels each of these registered claims and separates them from private (custom) claims added by your application.