Crypto & Security 1 credit COMPUTE

JWT Verify API

Verify JSON Web Token signatures and check expiry via REST API. Submit a JWT and the secret key used to sign it — the API confirms the signature is valid, the token has not expired, and returns the decoded payload claims.

Try it live →

How it works

POST the JWT string and the secret. The API splits the token, recomputes the expected HMAC-SHA256 signature, compares it in constant time (timing-attack safe), checks the exp claim against the current time, and returns the decoded payload or a structured error.

Use cases

Validate JWTs from untrusted sources before trusting their claims
Debug JWT authentication failures in development
Check token expiry in serverless functions without importing a JWT library
Verify third-party JWTs during API integration testing

API Reference

POST https://slopshop.gg/v1/crypto-jwt-verify
Authorization: Bearer YOUR_API_KEY
Content-Type: application/json

Input parameters

Parameter	Type	Required	Description
`input / data`	string	required	The input data to hash or process

Example response

{
  "data": {
    "result": "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
    "algorithm": "jwt-verify"
  },
  "meta": {
    "credits_used": 1,
    "engine": "real",
    "ms": 4
  }
}

Examples

Three real-world scenarios showing how developers use JWT Verify in production.

Example 1

Verify login token

Check that a Bearer token from a request header is valid and unexpired.

curl -X POST https://slopshop.gg/v1/crypto-jwt-verify \
  -H "Authorization: Bearer $SLOPSHOP_KEY" \
  -H "Content-Type: application/json" \
  -d '{"token": "eyJhbGciOiJIUzI1NiJ9...", "secret": "my-app-secret"}'

Example 2

Debug expired token

Diagnose why authentication is failing for a specific token.

curl -X POST https://slopshop.gg/v1/crypto-jwt-verify \
  -H "Authorization: Bearer $SLOPSHOP_KEY" \
  -H "Content-Type: application/json" \
  -d '{"token": "eyJhbGciOiJIUzI1NiJ9...", "secret": "my-app-secret"}'

Example 3

Validate third-party integration

Verify tokens issued by a partner service before processing their events.

curl -X POST https://slopshop.gg/v1/crypto-jwt-verify \
  -H "Authorization: Bearer $SLOPSHOP_KEY" \
  -H "Content-Type: application/json" \
  -d '{"token": "eyJhbGciOiJIUzI1NiJ9...", "secret": "partner-shared-secret"}'

Code examples

curl

curl -X POST https://slopshop.gg/v1/crypto-jwt-verify \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{"input": "your data here"}'

Python

import requests

response = requests.post(
    "https://slopshop.gg/v1/crypto-jwt-verify",
    headers={"Authorization": "Bearer YOUR_API_KEY"},
    json={"input": "your data here"}
)
result = response.json()
print(result["data"])

Node.js

const response = await fetch("https://slopshop.gg/v1/crypto-jwt-verify", {
  method: "POST",
  headers: {
    "Authorization": "Bearer YOUR_API_KEY",
    "Content-Type": "application/json"
  },
  body: JSON.stringify({ input: "your data here" })
});
const { data } = await response.json();
console.log(data);

CLI

# Install the Slopshop CLI
npm install -g slopshop

# Set your API key
export SLOPSHOP_KEY=your_api_key

# Call crypto-jwt-verify
slop crypto-jwt-verify '{"input": "your data here"}'

Pricing

Credits per call

credits

Cost per call

$0.001

at Starter tier

Tier

COMPUTE

Pure compute

Credits are purchased in bundles starting at $1 for 1,000 credits. All compute APIs like this one use 1 credit per call — that's $0.001. See all pricing tiers.

Related APIs in Crypto & Security

View the full API catalog · Try in playground · Documentation