mcp-api-tools

Overview Schema Related Servers Score Discussions

jwt_decode

Decode JWT tokens to inspect header, payload, expiry, and issued-at time without verification. Use this tool to analyze token contents and check expiration status for debugging or testing purposes.

Instructions

Decode a JWT token without verification. Returns header, payload, expiry, issued-at time, and whether the token is expired.

Input Schema

TableJSON Schema

Name	Required	Description	Default
`token`	Yes	The JWT token string to decode

Implementation Reference

src/tools/jwt-decode.ts:42-82 (handler)

The implementation of the jwt_decode tool handler.

export function jwtDecode(token: string): JwtDecodeResult {
  const trimmed = token.trim();
  const parts = trimmed.split(".");

  if (parts.length < 2 || parts.length > 3) {
    throw new Error(
      `Invalid JWT: expected 2 or 3 parts separated by dots, got ${parts.length}`
    );
  }

  let header: Record<string, unknown>;
  let payload: Record<string, unknown>;

  try {
    header = JSON.parse(base64UrlDecode(parts[0]));
  } catch {
    throw new Error("Invalid JWT: unable to decode header");
  }

  try {
    payload = JSON.parse(base64UrlDecode(parts[1]));
  } catch {
    throw new Error("Invalid JWT: unable to decode payload");
  }

  const now = Date.now();
  const exp = typeof payload.exp === "number" ? payload.exp * 1000 : null;
  const isExpired = exp !== null ? now > exp : false;
  const timeUntilExpiry = exp !== null ? formatDuration(exp - now) : null;

  return {
    header,
    payload,
    signature_present: parts.length === 3 && parts[2].length > 0,
    issued_at: timestampToIso(payload.iat),
    expires_at: timestampToIso(payload.exp),
    not_before: timestampToIso(payload.nbf),
    is_expired: isExpired,
    time_until_expiry: timeUntilExpiry,
  };
}

src/tools/jwt-decode.ts:1-10 (schema)

The interface defining the structure of the decoded JWT result.

export interface JwtDecodeResult {
  header: Record<string, unknown>;
  payload: Record<string, unknown>;
  signature_present: boolean;
  issued_at: string | null;
  expires_at: string | null;
  not_before: string | null;
  is_expired: boolean;
  time_until_expiry: string | null;
}

src/index.ts:110-124 (registration)

The MCP tool registration schema for jwt_decode.

{
  name: "jwt_decode",
  description:
    "Decode a JWT token without verification. Returns header, payload, expiry, issued-at time, and whether the token is expired.",
  inputSchema: {
    type: "object" as const,
    properties: {
      token: {
        type: "string",
        description: "The JWT token string to decode",
      },
    },
    required: ["token"],
  },
},

src/index.ts:223-228 (handler)

The request handler switch case for the jwt_decode tool.

case "jwt_decode": {
  const result = jwtDecode(args?.token as string);
  return {
    content: [{ type: "text", text: JSON.stringify(result, null, 2) }],
  };
}

Tool Definition Quality

Score is being calculated. Check back soon.

Install Server

Other Tools

Latest Blog Posts

Tool Definition Quality Score (TDQS)
By punkpeye on April 3, 2026.
mcp
The Hackers Who Tracked My Sleep Cycle
By punkpeye on March 26, 2026.
security
Open Source Has a Bot Problem
By punkpeye on March 19, 2026.
open source

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/rog0x/mcp-api-tools'

If you have feedback or need assistance with the MCP directory API, please join our Discord server