Base64 Decode Online — Decode Base64 Strings to Text or Files

Base64 decoding reverses the encoding process, converting base64 strings back to the original binary data or text. Here's how decoding works, where you'll encounter encoded...

Mian Ali Khalid · 2026-05-11 · 5 min read

Use the tool

Base64 Encoder / Decoder

Encode and decode Base64 strings and files. Client-side, safe for sensitive data.

Open Base64 Encoder / Decoder →

Base64 decoding takes a base64-encoded string and converts it back to the original data — text, binary, or any file that was encoded. It’s the reverse of encoding: each group of 4 base64 characters becomes 3 original bytes.

Use the base64 decoder to decode base64 strings to text or download the decoded file in your browser.

Recognizing base64-encoded data

Base64 strings use only these 64 characters:

Letters: A–Z, a–z (52 characters)
Digits: 0–9 (10 characters)
Plus: + and slash: / (2 characters)
Equals: = as padding (1–2 at the end)

Typical appearance:

SGVsbG8sIFdvcmxkIQ==
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
iVBORw0KGgoAAAANSUhEUgAA

Red flags for base64: Long strings with no spaces, using only alphanumeric characters plus +/=, often ending with == or = (padding).

Common places you’ll encounter base64:

JWT tokens (the header and payload parts)
Data URLs in HTML/CSS (data:image/png;base64,...)
Email attachment encoding (MIME)
API credentials and tokens
SSH key files
X.509 certificate files (PEM format)
Basic Auth credentials in HTTP headers

How to decode

Using the online tool

Open the Base64 Tool
Paste the base64 string in the input field
The decoded output appears instantly
For binary data (images, files): download the decoded result

JavaScript

// Decode base64 to text (browser and Node.js):
const encoded = 'SGVsbG8sIFdvcmxkIQ==';
const decoded = atob(encoded);
console.log(decoded); // "Hello, World!"

// Handle Unicode (atob only handles Latin-1):
function decodeBase64Unicode(str) {
  return decodeURIComponent(
    atob(str).split('').map(c => 
      '%' + c.charCodeAt(0).toString(16).padStart(2, '0')
    ).join('')
  );
}
console.log(decodeBase64Unicode('SGRX8A==')); // UTF-8 with non-ASCII chars

// Node.js:
const decoded2 = Buffer.from('SGVsbG8sIFdvcmxkIQ==', 'base64').toString('utf8');
console.log(decoded2); // "Hello, World!"

// Decode to binary buffer (for files):
const binaryBuffer = Buffer.from(imageBase64, 'base64');
require('fs').writeFileSync('output.png', binaryBuffer);

Python

import base64

# Decode to text:
encoded = b'SGVsbG8sIFdvcmxkIQ=='
decoded = base64.b64decode(encoded).decode('utf-8')
print(decoded)  # Hello, World!

# Decode to bytes (for binary data):
binary_data = base64.b64decode(image_base64_string)
with open('output.png', 'wb') as f:
    f.write(binary_data)

# Handle missing padding:
def safe_b64decode(s):
    # Add padding if missing:
    padding = 4 - len(s) % 4
    if padding != 4:
        s += '=' * padding
    return base64.b64decode(s)

Command line

# Decode a base64 string:
echo "SGVsbG8sIFdvcmxkIQ==" | base64 -d
# Hello, World!

# Decode a file:
base64 -d encoded.b64 > decoded_output.bin

# macOS:
echo "SGVsbG8sIFdvcmxkIQ==" | base64 -D  # Capital -D on macOS

Decoding JWT tokens

JWT tokens are base64url-encoded (URL-safe variant: - instead of +, _ instead of /, no = padding). The header and payload are base64url-encoded JSON.

function decodeJwtPayload(token) {
  const payload = token.split('.')[1]; // Get payload part
  // Convert base64url to standard base64:
  const base64 = payload.replace(/-/g, '+').replace(/_/g, '/');
  // Add padding:
  const padded = base64.padEnd(base64.length + ((4 - base64.length % 4) % 4), '=');
  return JSON.parse(atob(padded));
}

const token = 'eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiIxMjM0NSJ9.signature';
console.log(decodeJwtPayload(token));
// { sub: '12345' }

Decoding data URLs

Data URLs embed files directly in HTML or CSS as base64:

data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAA...

To decode and save the image:

import base64
import re

data_url = 'data:image/png;base64,iVBORw0KGgoAAAANSUhEUg...'
# Extract the base64 part:
match = re.match(r'data:(.+);base64,(.+)', data_url)
mime_type = match.group(1)  # 'image/png'
base64_data = match.group(2)

image_bytes = base64.b64decode(base64_data)
ext = mime_type.split('/')[1]  # 'png'
with open(f'image.{ext}', 'wb') as f:
    f.write(image_bytes)

Incorrect padding errors

The most common base64 decode error: “Incorrect padding.” Base64 strings must be a multiple of 4 characters. If the encoded string was truncated or the padding = characters were stripped, decoding fails.

# Fix: add missing padding before decoding
def pad_base64(s):
    return s + '=' * (4 - len(s) % 4) % 4

# Or:
import base64
base64.b64decode(s + '==')  # Extra == is always safe — decoders ignore excess padding

Is base64 encryption?

No. Base64 is encoding, not encryption. Anyone can decode base64 without a key — it’s a reversible transformation, not a secure scramble.

Don’t use base64 to “protect” sensitive data. Use actual encryption (AES, RSA) for data that must be kept secret. Base64 is for binary-to-text transport, not security.

Base64 Tool — encode and decode Base64 in your browser
Base64 Encode — encoding explained
When Not to Use Base64 — common misuse patterns

Base64: How It Actually Works Under the Hood — Base64 is everywhere — in JWTs, data URLs, email attachments. This is the byte-l…
When You Should NOT Use Base64 Encoding — Base64 is the duct tape of the web — and like real duct tape, it's used in place…
Base64 Encoding on the Command Line — Linux, macOS, and Windows — Encode and decode Base64 on the command line using base64, openssl, and PowerShe…
Base64 Encode Online — Encode Text and Files to Base64 Instantly — Base64 encoding converts binary data into printable ASCII text. It's used in ema…

Related tool