MCP Hub
Back to servers

mcp-api-tools

A comprehensive suite of HTTP and API testing tools that enables AI agents to perform requests, check endpoint health, and decode JWTs. It also provides utilities for URL parsing and detailed security analysis of HTTP response headers.

glama
Updated
Mar 19, 2026
View Source
Claim this server

@rog0x/mcp-api-tools

HTTP/API testing tools for AI agents, built on the Model Context Protocol.

Tools

http_request

Make any HTTP request (GET, POST, PUT, DELETE, PATCH, HEAD, OPTIONS) with full control over headers, body, authentication, and timeouts. Returns status code, response headers, body, and timing information.

api_health

Check the health of multiple API endpoints in parallel. Returns HTTP status, response time, SSL certificate validity and expiry, and optional response body validation. Includes a summary with counts of healthy, unhealthy, and errored endpoints.

jwt_decode

Decode a JWT token without cryptographic verification. Returns the decoded header and payload, issued-at time, expiry time, and whether the token is currently expired.

url_parse

Parse a URL into its component parts (protocol, host, port, path, query parameters, hash) or build a URL from individual parts.

header_analyzer

Analyze HTTP response headers for security posture (HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy), caching directives, CORS configuration, and cookie attributes. Provides a letter grade for security. Can fetch headers from a live URL or analyze a provided headers object.

Installation

npm install
npm run build

Configuration

Claude Desktop

Add to your claude_desktop_config.json:

{
  "mcpServers": {
    "api-tools": {
      "command": "node",
      "args": ["D:/products/mcp-servers/mcp-api-tools/dist/index.js"]
    }
  }
}

Claude Code

claude mcp add api-tools node D:/products/mcp-servers/mcp-api-tools/dist/index.js

Examples

Make a POST request:

Use http_request to POST to https://httpbin.org/post with JSON body {"key": "value"}

Check API health:

Use api_health to check these endpoints: https://api.github.com, https://httpbin.org/get

Decode a JWT:

Use jwt_decode to decode this token: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...

Parse a URL:

Use url_parse to break down https://example.com:8080/api/v1?key=value&debug=true#section

Analyze security headers:

Use header_analyzer to check security headers for https://github.com

License

MIT

Reviews

No reviews yet

Sign in to write a review