DEV Community: mawmawia

I got tired of jwt.io having no API, so I shipped one [102ms, Zero Auth]

mawmawia — Wed, 03 Jun 2026 13:09:49 +0000

The problem every dev hits

Testing JWT auth in CI/CD sucks.

jwt.io is perfect but has no API. Auth0's JWT libs need setup. Most online tools rate limit you after 10 requests. You just want to decode or verify a token in a GitHub Action without installing 3 packages.

So I built RK JWT API #003

6 actions. 1 endpoint. 102ms average response.

What it does:

decode - Instantly decode any JWT. Returns header, payload, expires_in_human
verify - HS256/384/512 signature validation. Pass secret, get valid: true/false
verify_jwks - RS256/384/512 via JWKS URL. Works with Auth0, Firebase, Supabase, Okta
sign - Generate test JWTs. Custom payload, expiresIn. Perfect for mocking auth
inspect - Security audit. Detects alg:none, expired tokens, clock skew. Returns risk_score
bulk_decode - Send 100 tokens, get results back. Built for log analysis

Zero friction:

No API keys
No signup
CORS enabled
Stateless - no logging, no tracking
Every response includes "by": "RK" so you know it worked

Stack: Vercel Edge Functions + jose. Handles malformed JWTs and edge cases.

Try it right now

Live: https://rapidapi.com/mawmawia/api/rk-jwt-api

Free tier: 1k requests/month. No credit card.

Quick test in cURL:


bash
curl -X POST https://rk-jwt-api.p.rapidapi.com/api \
  -H "X-RapidAPI-Key: YOUR_RAPIDAPI_KEY" \
  -H "Content-Type: application/json" \
  -d '{"action":"decode","token":"eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJSUyJ9.signature"}'

I built an API that detects missed cron jobs without heartbeats

mawmawia — Tue, 02 Jun 2026 19:39:38 +0000

The problem with heartbeat cron monitors

Traditional tools like Healthchecks.io work like this:

Your cron job runs
At the end, it pings a URL: curl https://hc-ping.com/uuid
If the ping doesn't arrive, you get alerted

But what happens if your server crashes at step 1? Or the job OOMs before the curl command?

You get silence. And silence looks like success.

I lost client data when a backup cron failed silently for 6 days. The job never started, so it never pinged. No alert.

My solution: Schedule validation instead of heartbeats

I built RK Cron Monitor. Instead of asking "did the job phone home?", it asks "should the job have run by now?"

How it works:

At the end of your cron script, POST your last_run_timestamp + cron expression


bash
curl -X POST https://api.rkcron.com/check \
  -H "Content-Type: application/json" \
  -d '{"cron": "0 2 * * *", "last_run": "2026-06-02T02:00:00Z"}'

I built a free JSON repair API because ChatGPT keeps giving me broken JSON

mawmawia — Tue, 02 Jun 2026 17:32:40 +0000

I got tired of ChatGPT and Claude giving me this:


json
{
  name: 'test', 
  active: true,
  tags: [a, b,] // comment
}