# auth

# `fastmcp.utilities.auth`

Authentication utility helpers.

## Functions

### `decode_jwt_header` <sup><a href="https://github.com/PrefectHQ/fastmcp/blob/main/src/fastmcp/utilities/auth.py#L32" target="_blank"><Icon icon="github" style="width: 14px; height: 14px;" /></a></sup>

```python theme={"theme":{"light":"snazzy-light","dark":"dark-plus"}}
decode_jwt_header(token: str) -> dict[str, Any]
```

Decode the JWT header without verifying the signature. The returned values are therefore unauthenticated.

Useful for extracting the key ID (`kid`) for JWKS lookup.

**Args:**

* `token`: JWT token string (header.payload.signature)

**Returns:**

* Decoded header as a dictionary

**Raises:**

* `ValueError`: If token is not a valid JWT format

### `decode_jwt_payload` <sup><a href="https://github.com/PrefectHQ/fastmcp/blob/main/src/fastmcp/utilities/auth.py#L49" target="_blank"><Icon icon="github" style="width: 14px; height: 14px;" /></a></sup>

```python theme={"theme":{"light":"snazzy-light","dark":"dark-plus"}}
decode_jwt_payload(token: str) -> dict[str, Any]
```

Decode the JWT payload without verifying the signature. The returned claims are therefore unauthenticated.

Use only for tokens received directly from trusted sources (e.g., IdP token endpoints).

**Args:**

* `token`: JWT token string (header.payload.signature)

**Returns:**

* Decoded payload as a dictionary

**Raises:**

* `ValueError`: If token is not a valid JWT format
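
The pattern the two decode helpers above support, as an added example that is not FastMCP's own code: `unverified_header`, `unverified_payload` and `select_jwk` are hypothetical stand-ins written from the descriptions on this page, and the token and JWKS are constructed sample data. It shows that a token carrying a placeholder signature still decodes, which is why the `kid` is used only to select a key from a trusted JWKS.

```python
import base64
import json
from typing import Any


def _decode_segment(token: str, index: int) -> dict[str, Any]:
    """Base64url-decode one JWT segment as JSON. The signature is never checked."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("invalid JWT format: expected header.payload.signature")
    segment = parts[index] + "=" * (-len(parts[index]) % 4)  # restore stripped padding
    try:
        decoded = json.loads(base64.urlsafe_b64decode(segment))
    except ValueError as exc:  # bad base64, bad UTF-8 and bad JSON all subclass ValueError
        raise ValueError("invalid JWT format: segment is not base64url JSON") from exc
    if not isinstance(decoded, dict):
        raise ValueError("invalid JWT format: segment is not a JSON object")
    return decoded


def unverified_header(token: str) -> dict[str, Any]:
    return _decode_segment(token, 0)


def unverified_payload(token: str) -> dict[str, Any]:
    return _decode_segment(token, 1)


def select_jwk(token: str, jwks: dict[str, Any]) -> dict[str, Any]:
    """Use the unverified kid only to pick a candidate key from a trusted JWKS."""
    kid = unverified_header(token).get("kid")
    for key in jwks.get("keys", []):
        if key.get("kid") == kid:
            return key
    raise LookupError(f"no key with kid={kid!r} in the JWKS")


def _b64url(obj: dict[str, Any]) -> str:
    raw = json.dumps(obj, separators=(",", ":")).encode()
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


# Constructed sample data: the third segment is a placeholder, not a real signature.
SAMPLE_TOKEN = ".".join([
    _b64url({"alg": "RS256", "typ": "JWT", "kid": "example-key-1"}),
    _b64url({"iss": "https://idp.example.com", "sub": "user-123"}),
    "placeholder-signature",
])
SAMPLE_JWKS = {"keys": [{"kid": "example-key-1", "kty": "RSA", "use": "sig"}]}
```

The signature still has to be verified with the selected key before any claim from the payload is relied on.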

### `parse_scopes` <sup><a href="https://github.com/PrefectHQ/fastmcp/blob/main/src/fastmcp/utilities/auth.py#L66" target="_blank"><Icon icon="github" style="width: 14px; height: 14px;" /></a></sup>

```python theme={"theme":{"light":"snazzy-light","dark":"dark-plus"}}
parse_scopes(value: Any) -> list[str] | None
```

Parse scopes from environment variables or settings values.

Accepts either a JSON array string, a comma- or space-separated string,
a list of strings, or `None`. Returns a list of scopes or `None` if
no value is provided.
