ArchiveBox API

check_api_token

Validate API tokens for ArchiveBox authentication to ensure they are active and authorized before performing web archiving operations.

Instructions

Validate an API token to make sure it's valid and non-expired.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`token_param`	No	Bearer token for authentication

Output Schema

TableJSON Schema

Name	Required	Description	Default
No arguments

Implementation Reference

archivebox_api/archivebox_mcp.py:91-144 (handler)

Primary MCP tool handler for 'check_api_token', including registration decorator, input schema via Pydantic Fields, and execution logic that instantiates Api client and calls its check_api_token method to validate the token against the ArchiveBox API.

@mcp.tool(
    exclude_args=[
        "archivebox_url",
        "username",
        "password",
        "token",
        "api_key",
        "verify",
    ],
    tags={"authentication"},
)
def check_api_token(
    token: str = Field(
        description="The API token to validate",
    ),
    archivebox_url: str = Field(
        default=os.environ.get("ARCHIVEBOX_URL", None),
        description="The URL of the ArchiveBox instance (e.g., https://yourinstance.archivebox.com)",
    ),
    username: Optional[str] = Field(
        default=os.environ.get("ARCHIVEBOX_USERNAME", None),
        description="Username for authentication",
    ),
    password: Optional[str] = Field(
        default=os.environ.get("ARCHIVEBOX_PASSWORD", None),
        description="Password for authentication",
    ),
    token_param: Optional[str] = Field(
        default=os.environ.get("ARCHIVEBOX_TOKEN", None),
        description="Bearer token for authentication",
    ),
    api_key: Optional[str] = Field(
        default=os.environ.get("ARCHIVEBOX_API_KEY", None),
        description="API key for authentication",
    ),
    verify: Optional[bool] = Field(
        default=to_boolean(os.environ.get("ARCHIVEBOX_VERIFY", "True")),
        description="Whether to verify SSL certificates",
    ),
) -> dict:
    """
    Validate an API token to make sure it's valid and non-expired.
    """
    client = Api(
        url=archivebox_url,
        username=username,
        password=password,
        token=token_param,
        api_key=api_key,
        verify=verify,
    )
    response = client.check_api_token(token=token)
    return response.json()

archivebox_api/archivebox_api.py:115-137 (helper)

Helper method in the Api class that performs the actual HTTP POST request to the ArchiveBox server's /api/v1/auth/check_api_token endpoint to validate the provided token.

def check_api_token(self, token: str) -> requests.Response:
    """
    Validate an API token to make sure it's valid and non-expired

    Args:
        token: The API token to validate.

    Returns:
        Response: The response object from the POST request.

    Raises:
        ParameterError: If the provided parameters are invalid.
    """
    try:
        response = self._session.post(
            url=f"{self.url}/api/v1/auth/check_api_token",
            json={"token": token},
            headers={"Content-Type": "application/json"},
            verify=self.verify,
        )
    except ValidationError as e:
        raise ParameterError(f"Invalid parameters: {e.errors()}")
    return response

Tool Definition Quality

B3.1/5.0

Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

No annotations are provided, so the description carries the full burden of behavioral disclosure. It states the tool validates tokens for validity and expiration, but doesn't cover other traits like authentication needs (though implied by token_param), rate limits, error handling, or what happens on invalid tokens (e.g., returns error vs. false). This leaves gaps for a validation tool with no annotation support.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

The description is a single, efficient sentence: 'Validate an API token to make sure it's valid and non-expired.' It's front-loaded with the core purpose, has zero waste, and is appropriately sized for a simple validation tool. Every word earns its place.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness3/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given the tool's low complexity (one optional parameter) and the presence of an output schema (which handles return values), the description is minimally adequate. However, with no annotations and incomplete behavioral context (e.g., missing error cases), it doesn't fully compensate for the lack of structured data, leaving some gaps in understanding the tool's full behavior.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

The input schema has 100% description coverage, with the parameter 'token_param' documented as 'Bearer token for authentication.' The description doesn't add any meaning beyond this—it doesn't explain parameter usage, format, or optionality. With high schema coverage, the baseline is 3, as the schema does the heavy lifting without extra value from the description.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose4/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description clearly states the tool's purpose: 'Validate an API token to make sure it's valid and non-expired.' It specifies the action (validate) and resource (API token) with explicit criteria (validity and expiration status). However, it doesn't distinguish from sibling tools like 'get_api_token'—which might retrieve rather than validate—so it doesn't achieve full sibling differentiation.

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines2/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

The description provides no guidance on when to use this tool versus alternatives. It doesn't mention prerequisites (e.g., needing a token to validate), exclusions, or comparisons to siblings like 'get_api_token' (which might be for retrieval). Usage is implied only by the purpose, with no explicit context or alternatives stated.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

Lightport: Open-Sourcing Glama's AI Gateway
By punkpeye on April 27, 2026.
open source
OpenAI
Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/Knuckles-Team/archivebox-api'

If you have feedback or need assistance with the MCP directory API, please join our Discord server