Skip to main content
Glama

JWT Auditor MCP Server

by mohdhaji87

JWT Auditor MCP Server

This project provides an MCP server exposing advanced JWT auditing tools, inspired by JWTAuditor. It is designed for use with Claude Desktop, Cursor, and other MCP-compatible clients.

Features

  • JWT Decoder: Decodes JWT header, payload, and signature.
  • JWT Analyzer: Detects vulnerabilities (alg=none, weak algs, missing claims, header injection, sensitive data, etc.).
  • JWT Secret Bruteforcer: Attempts to brute-force HS256/HS384/HS512 secrets using a wordlist.
  • JWT Generator/Editor: Create and sign JWTs (HS* and RS* support).

Quickstart

1. Install dependencies (using uv)

uv pip install -r pyproject.toml

2. Run the MCP server

uv run server.py

3. Configure Claude Desktop (or Cursor)

Add the following to your Claude Desktop mcpServers.json (or merge into your config):

{ "mcpServers": { "JWT Auditor MCP": { "type": "stdio", "command": "uv", "args": ["run", "server.py"], "cwd": "/Users/haji/mcp-servers/jwtAuditor-Mcp" } } }
  • Make sure the cwd path matches your project directory.
  • This will launch the server in the correct environment using uv.

4. Example mcp.json for MCP Inspector or other clients

If you want to use the MCP Inspector or another tool that requires an mcp.json config, use:

{ "mcpServers": { "jwt-auditor": { "type": "stdio", "command": "uv", "args": ["run", "server.py"], "cwd": "/Users/haji/mcp-servers/jwtAuditor-Mcp" } } }

Security

  • All JWT operations are performed locally.
  • No tokens or secrets are sent to any external service.

Credits


Install Server
A
security – no known vulnerabilities
F
license - not found
A
quality - confirmed to work

Provides advanced JWT auditing tools including decoding, vulnerability analysis, secret bruteforcing, and JWT generation/editing capabilities for MCP-compatible clients.

  1. Features
    1. Quickstart
      1. 1. Install dependencies (using uv)
      2. 2. Run the MCP server
      3. 3. Configure Claude Desktop (or Cursor)
      4. 4. Example mcp.json for MCP Inspector or other clients
    2. Security
      1. Credits

        Related MCP Servers

        • A
          security
          A
          license
          A
          quality
          A specialized MCP server for in-depth analysis of git repositories, offering tools for branch overview, time period analysis, file changes, and merge recommendations.
          Last updated -
          4
          1
          JavaScript
          Apache 2.0
        • -
          security
          A
          license
          -
          quality
          A comprehensive system that helps organizations track, manage, and respond to security vulnerabilities effectively through features like vulnerability tracking, user management, support tickets, API key management, and SSL certificate management.
          Last updated -
          Python
          MIT License
        • -
          security
          F
          license
          -
          quality
          An MCP server that integrates various penetration testing tools, enabling security professionals to perform reconnaissance, vulnerability scanning, and API testing through natural language commands in compatible LLM clients like Claude Desktop.
          Last updated -
          3
          Python
        • -
          security
          F
          license
          -
          quality
          Provides a one-stop automated solution for Android APK security analysis by integrating tools like JEB, JADX, APKTOOL, FlowDroid, and MobSF into unified MCP standard API interfaces.
          Last updated -
          129
          Python
          • Linux
          • Apple

        View all related MCP servers

        MCP directory API

        We provide all the information about MCP servers via our MCP API.

        curl -X GET 'https://glama.ai/api/mcp/v1/servers/mohdhaji87/JWTAuditorMCP'

        If you have feedback or need assistance with the MCP directory API, please join our Discord server