We do have a guide for customizing the JWT validation: JWT validation - Strapi Developer Documentation
But it may be easier to tweak the other app to validate Strapi JWTs instead (it’s just a matter of using the same secret and decrypting the token, or even better would be having the app accept a strapi token, and forwarding that over to /users/me to validate it and get the user data.)