# JWT Decoder API MCP server

Decode JWT tokens — inspect header, payload, claims, expiry. x402 micropayment.

## Links
- Registry page: https://www.getdrio.com/mcp/io-github-br0ski777-jwt-decoder
- Repository: https://github.com/Br0ski777/jwt-decoder-x402
- Website: https://github.com/Br0ski777/jwt-decoder-x402

## Install
- Endpoint: https://jwt-decoder.api.klymax402.com/mcp
- Auth: Not captured

## Setup notes
- Remote endpoint: https://jwt-decoder.api.klymax402.com/mcp

## Tools
- security_decode_jwt - Use this when you need to decode and inspect a JWT token without verifying its signature. Returns the full header, payload, and expiration status.

1. header -- algorithm (RS256, HS256, etc.) and token type
2. payload -- all claims (sub, iss, aud, iat, exp, custom claims)
3. issuedAt -- human-readable issued date
4. expiresAt -- human-readable expiry date
5. isExpired -- boolean indicating if the token has expired

Example output: {"header":{"alg":"RS256","typ":"JWT"},"payload":{"sub":"user123","exp":1720000000},"issuedAt":"2025-01-01T00:00:00Z","expiresAt":"2025-07-03T00:00:00Z","isExpired":false}

Use this FOR debugging authentication issues, inspecting token claims before API calls, or verifying token expiry. Use this BEFORE making authenticated requests to check if a token needs refreshing.

Do NOT use for hashing data -- use crypto_generate_hash instead. Do NOT use for base64 encoding/decoding -- use utility_encode_base64 instead. Do NOT use for password analysis -- use security_check_password instead. Endpoint: https://jwt-decoder.api.klymax402.com/mcp

## Resources
Not captured

## Prompts
Not captured

## Metadata
- Owner: io.github.Br0ski777
- Version: 1.1.0
- Runtime: Sse
- Transports: HTTP
- License: Not captured
- Language: Not captured
- Stars: Not captured
- Updated: May 16, 2026
- Source: https://registry.modelcontextprotocol.io