Yeah, sure, it's quite simple to do. JWT tokens contain three parts separated by a pointer sign. 

  • Header, with the algorithm of the signature and the type of token
  • Payload, any data in JSON format
  • Signature needs to verify the token 

All of those parts are encoded with Base64

  Set token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiIxMjM0NTY3ODkwIiwibmFtZSI6IkpvaG4gRG9lIiwiaWF0IjoxNTE2MjM5MDIyfQ.SflKxwRJSMeKKF2QT4fwpMeJf36POk6yJV_adQssw5c" 

  #; Extract parts of the token
  Set $ListBuild(header, payload, sign) = $ListFromString(token, ".")

  #; Decode and parse Header
  Set header = $System.Encryption.Base64Decode(header)
  Set header = {}.%FromJSON(header)
  Write !,"header"
  Write !,"alg = ",header.alg
  Write !,"typ = ",header.typ

  #; Decode and parse Payload
  Set payload = $System.Encryption.Base64Decode(payload)
  Set payload = {}.%FromJSON(payload)
  Write !!,"data"
  Write !,"name = ", payload.name 
  Write !,"iat = ", payload.iat 

Most of the code related to OAuth2 in IRIS, supposed that you have configured OAuth2 Client, and uses this information to validate and extract data from the token. And this particular method will expect OAuth2 client with the name "demoresource".

I'm not sure how InterSystems supposed to get it worked together with IAM. But I have an example, of extracting data from the JWT token, without any configuration. Look at this code. In this class, I can generate tokens and validate them, as well as pass any data to generating tokens, and extract it. But it also uses a secret phrase to validate the token. And depends on the algorithm, it will require just a simple string as a secret phrase, or a public and private key.

And try the suggested JWT debugger, which may help you in understanding, what's exactly stored in the token and used algorithm for the key.

If you are new to InterSystems, you should start with IRIS, which is the newest product, the replacement for Caché. 

You can download the distributive here or through WRC if you already have access.

The installation process on Windows is quite simple, just run the installer, and press the buttons Next. It will be enough for the evaluation. You may look at the documentation, for the Installation guide.

Management Portal is a part of the default installation. And in windows, should be available from the menu by the InterSystems Cube icon in the tray.

And usually, the URL is something like this. The port can be different if you have more than one instance of Cache installed.

http://localhost:57772/csp/sys/UtilHome.csp

On the Login page, it does not show IRIS Logo. IRIS just returns 404 for the icon, if it's present, after the first login, it appears in WebGateway cache and became available. And the same for any static files. The Security Audit shows this error.

<PROTECT>%Oid+3^%Stream.Object.1 ^IRIS.SM.Shard,/usr/irissys/mgr/

Documentation about installation IRIS in macOS.

The easiest way to try it is to start it with docker.

docker run -d --name irishealth -p 52773:52773 store/intersystems/irishealth-community:2021.1.0.205.0

With installed docker when this command will successfully download the image, and starts IRIS for Health, you may try to open it, as usual by URL http://localhost:52773/csp/sys/UtilHome.csp, with default login and password, but will ask to change it.

For Ensemble

docker run -d --name ensemble -p 52772:52772 daimor/intersystems-ensemble:2018.1

But, be aware, that all your changes will disappear when the container will be stopped and deleted.

Are you sure, that the process was terminated?

You should check cconsole.log/messages.log

journal records, you should find there where transaction was started, you changed the data, check if change was really in transaction and any other records within the process, it should be commit or rollback. 
In any case, when restart Cache, it should terminate any unfinished processes and rollback data.