DEV Community

Daivik Dagar
Daivik Dagar

Posted on

🚀 I Built DG Encoder — A Free Cloudflare Worker API for Storing Secrets, Webhooks, and Dynamic Configurations

#webdev #programming #javascript #productivity

As developers, we often need to store webhook URLs, service endpoints, configuration strings, and other values that we don't want exposed directly in frontend code.

Most solutions either require setting up a backend, paying for a service, or managing API keys.

API URL (Generate your endpoint here): https://dg-encoder.scriptsnsenses.workers.dev/

So I built DG Encoder.

A completely free, no-API-key service powered by Cloudflare Workers that lets developers store and retrieve text-based data through simple endpoints.

✨ What is DG Encoder?

DG Encoder is a lightweight API that allows you to:

  • Store any text value
  • Receive a unique ID
  • Retrieve the value later through an endpoint
  • Restrict access to specific domains
  • Edit stored entries
  • Delete stored entries
  • Use the service without API keys
  • Use the service completely free

💸 Free Forever

One of the main goals of DG Encoder is simplicity.

There are:

✅ No API keys

✅ No signup requirements

✅ No subscriptions

✅ No paid plans

✅ No complicated setup

Just open the website, encode your value, and start using it.

🔥 Why I Built It

While building web applications, I noticed that many developers need a simple way to hide values from frontend code without setting up a full backend system.

Common examples include:

  • Discord webhooks
  • Dynamic configuration values
  • Service endpoints
  • Internal URLs
  • Integration strings

DG Encoder provides a quick solution by storing those values behind randomly generated IDs.

Your application only needs the generated ID instead of the original value.

⚡ Key Features

Encode Anything

Store any string and receive a unique identifier.

{
  "id": "abc123xyz"
}
Enter fullscreen mode Exit fullscreen mode

Domain Restrictions

Limit which websites can access a stored value.

For example:

example.com
myapp.pages.dev
Enter fullscreen mode Exit fullscreen mode

Only approved domains can successfully use the decode endpoint.

Edit Existing Entries

Need to replace a webhook or endpoint?

Update the stored value without generating a new ID.

Delete Entries

Remove data whenever it is no longer needed.

No API Key Required

Developers can start using DG Encoder immediately.

No registration process.

No authentication setup.

No developer dashboard required.

Cloudflare-Powered

Built on Cloudflare Workers for:

  • Global performance
  • Edge execution
  • Low latency
  • High availability

🛡️ Security Notes

DG Encoder is designed to auto encode differently every time. Hence, when it stores encoded data for functioning I can also don't see your secrets.

DG Encoder is designed as a lightweight utility and not as a replacement for enterprise secret-management platforms.

It works best for:

  • Webhooks
  • Configuration values
  • Dynamic URLs
  • Frontend integrations
  • Small-to-medium web projects

Domain restrictions add an additional layer of control by limiting where stored values can be accessed from.

💡 Example Use Cases

Discord Projects

Store webhook URLs without exposing them directly in frontend code.

SaaS Applications

Manage configuration values and service endpoints dynamically.

Internal Tools

Keep URLs and integrations organized behind generated IDs.

No-Code Platforms

Store integration endpoints and access them through simple API calls.

Frontend-Only Applications

Reduce exposure of important URLs without maintaining a dedicated backend.

🏗️ Tech Stack

  • Cloudflare Workers
  • Cloudflare KV
  • JavaScript
  • Edge Computing

🚀 Future Plans

Features I'm considering adding:

  • Expiration dates
  • Usage analytics
  • Request statistics
  • Password-protected entries
  • Team workspaces
  • Rate limiting controls
  • More advanced access rules

Limits

As a free API the API has some limits but I think they are feasible, see yourself:

  • 100,000 Requests a day
  • 30 max encodings per user (I have made encoding deletable, refer to the last line of Limits for more information)
  • Value size limit: 8,000
  • Label characters limit: 200
  • Rate Limit: 18 requests per minute
  • You can only delete encodings if they are 7 days old
  • Supports English letters, numbers, and symbols like #, @, and $. Emojis and other languages are not supported.

Endpoints

Method Endpoint Purpose
GET / Web UI
POST /encode Create a new encoding
GET /d/:id Decode stored value
GET /r/:id Redirect to stored URL
GET /mine List user's encodings
PATCH /d/:id Update allowed domains
DELETE /d/:id Delete encoding

Example of API Wiring

Example of using encode and decode endpoint
(not recommended)

// Store a webhook URL once, it is recommended to encode from website otherwise your original URL will show
const create = await fetch(
  "https://dg-encoder.scriptsnsenses.workers.dev/encode",
  {
    method: "POST",
    headers: {
      "Content-Type": "application/json"
    },
    body: JSON.stringify({
      value: "https://hooks.example.com/my-secret-webhook",
      label: "Orders Webhook",
      domains: ["myapp.com"]
    })
  }
);

const encoded = await create.json();

// Later, retrieve it
const decoded = await fetch(
  encoded.decodeUrl
);

const webhook = await decoded.json();

// Use the real URL
await fetch(webhook.value, {
  method: "POST",
  body: JSON.stringify({
    event: "order.created"
  })
});
Enter fullscreen mode Exit fullscreen mode

Example of using only the decode endpoint {When encoded from website} (recommended)

const id = "YOUR_ENCODING_ID";

const res = await fetch(
  `https://dg-encoder.scriptsnsenses.workers.dev/d/${id}`
);

const data = await res.json();

console.log(data.value);
Enter fullscreen mode Exit fullscreen mode

Other endpoints:

I. Redirect to Stored URL:

const id = "YOUR_ENCODING_ID";

window.location.href =
  `https://dg-encoder.scriptsnsenses.workers.dev/r/${id}`;
Enter fullscreen mode Exit fullscreen mode

II. List Your Encodings:

const userKey = localStorage.getItem("dgUserKey");

const res = await fetch(
  "https://dg-encoder.scriptsnsenses.workers.dev/mine",
  {
    headers: {
      "X-User-Key": userKey
    }
  }
);

const data = await res.json();

console.log(data.encodings);
Enter fullscreen mode Exit fullscreen mode

III. Update Allowed Domains:

const userKey = localStorage.getItem("dgUserKey");
const id = "YOUR_ENCODING_ID";

await fetch(
  `https://dg-encoder.scriptsnsenses.workers.dev/d/${id}`,
  {
    method: "PATCH",
    headers: {
      "Content-Type": "application/json",
      "X-User-Key": userKey
    },
    body: JSON.stringify({
      domains: [
        "myapp.com",
        "dashboard.myapp.com"
      ]
    })
  }
);
Enter fullscreen mode Exit fullscreen mode

IV. Delete an Encoding:

const userKey = localStorage.getItem("dgUserKey");
const id = "YOUR_ENCODING_ID";

await fetch(
  `https://dg-encoder.scriptsnsenses.workers.dev/d/${id}`,
  {
    method: "DELETE",
    headers: {
      "X-User-Key": userKey
    }
  }
);
Enter fullscreen mode Exit fullscreen mode

Final Thoughts

DG Encoder was created to make storing and managing text-based values as simple as possible.

The service is:

  • Free
  • No API key required
  • Fast
  • Easy to use
  • Built on Cloudflare's edge network

If you're building web applications and need a lightweight way to store webhooks, URLs, or configuration data, I'd love to hear your thoughts and suggestions.

Support Me

If you want to support me because most of my projects are free-for-all, I do not demand money I just demand your time. Let's build together !!!

To build with me join my Discord Server/Community: https://discord.gg/4ApADpxGQV

Happy coding! 🚀

Top comments (0)