Utilities
JWT sign & verify (HMAC) API
Sign a JWT from a payload + secret (with optional expiry), or verify a token's signature and expiry — HS256/384/512. Cryptography an LLM cannot perform. Complements util/jwt-decode (decode only). Answers 'sign this JWT', 'create a token', 'verify this JWT signature', 'is this token valid/expired'.
Price$0.01per request
MethodPOST
Route/v1/util/jwt
StatusLive
MIME typeapplication/json
Rate limit120/minute
CacheNo cache
utiljwtsignverifyhmacauthtokencrypto
API URL
Integration docshttps://x402.hexl.dev/v1/util/jwtExample request
{
"op": "sign",
"payload": {
"sub": "agent-123",
"role": "buyer"
},
"secret": "your-secret",
"expiresIn": 3600
}Example response
{
"op": "sign",
"algorithm": "HS256",
"token": "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE…"
}Input schema
{
"type": "object",
"required": [
"op",
"secret"
],
"properties": {
"op": {
"type": "string",
"enum": [
"sign",
"verify"
]
},
"payload": {
"type": "object",
"additionalProperties": true
},
"token": {
"type": "string"
},
"secret": {
"type": "string"
},
"algorithm": {
"type": "string",
"enum": [
"HS256",
"HS384",
"HS512"
],
"default": "HS256"
},
"expiresIn": {
"type": "number"
}
}
}Output schema
{
"type": "object",
"additionalProperties": true
}