# jwtsecrets/mpp

Machine-payable JWT tools over HTTP 402 using the Machine Payments Protocol (MPP).

## Canonical
- https://mpp.jwtsecrets.com/

## Machine Entry Points
- OpenAPI discovery: https://mpp.jwtsecrets.com/openapi.json
- Pricing: https://mpp.jwtsecrets.com/api/pricing
- Health: https://mpp.jwtsecrets.com/api/health
- Decode JWT (paid): POST https://mpp.jwtsecrets.com/api/decode-jwt
- Verify JWT (paid): POST https://mpp.jwtsecrets.com/api/verify-jwt
- Crack JWT (paid): POST https://mpp.jwtsecrets.com/api/crack-jwt
- Session Decode (paid): GET https://mpp.jwtsecrets.com/api/sessions/decode-jwt?token=<jwt>
- Decode JWT via x402 (paid): POST https://mpp.jwtsecrets.com/x402/api/decode-jwt
- Verify JWT via x402 (paid): POST https://mpp.jwtsecrets.com/x402/api/verify-jwt
- Crack JWT via x402 (paid): POST https://mpp.jwtsecrets.com/x402/api/crack-jwt
- Session Decode via x402 (paid): GET https://mpp.jwtsecrets.com/x402/api/sessions/decode-jwt?token=<jwt>

## Payment
- Method: Tempo (pathUSD)
- Protocol: HTTP 402 + MPP Challenge/Credential/Receipt
- Alternate protocol: x402 on `/x402/api/*`

## Public Docs
- Human page: https://mpp.jwtsecrets.com/
- Machine page: https://mpp.jwtsecrets.com/machine/
- MPP docs: https://mpp.dev/quickstart/server
- IETF spec: https://paymentauth.org/

## Notes for AI agents
- Send `Content-Type: application/json` for POST requests.
- Paid routes return `402 Payment Required` before settlement.
- After payment, parse `Payment-Receipt` or `X-Payment-Receipt` response headers.
- Treat JWT cracking as an authorized security/audit operation only.