{ }

Encoding and Decoding REST API

Supported encoders are available as small JSON endpoints. Open CORS, no authentication required for the free tier, with up to 10,000 requests per IP per UTC day.

Request format

GET  /api/v1/<tool>?action=<encode|decode>&input=<text>[&option=value]
POST /api/v1/<tool>
Content-Type: application/json

{ "action": "encode", "input": "...", "options": { ... } }

The response is always the same shape: a JSON object with either a result string or an error string and an HTTP status of 400.

Available API endpoints

B64
/api/v1/base64
Encode and decode Base64 text and UTF-8 data
B32
/api/v1/base32
Encode and decode Base32 with RFC 4648, hex, and Crockford alphabets
B58
/api/v1/base58
Encode and decode Base58 with Bitcoin, Ripple, and Flickr alphabets
B85
/api/v1/base85
Encode and decode Base85, Ascii85, and Z85
B*
/api/v1/basen
Encode and decode with any custom alphabet (base 2 to 256)
%%
/api/v1/url
Encode and decode URLs, query strings, and path segments
</>
/api/v1/html
Escape and unescape HTML entities safely
JWT
/api/v1/jwt
Decode and inspect JSON Web Tokens locally
U+
/api/v1/unicode
Convert Unicode code points, UTF-8, and text
0x
/api/v1/hex
Convert text to hex, binary, octal, and decimal
#!
/api/v1/hash
Generate SHA-1, SHA-256, SHA-384, and SHA-512 hashes
.-
/api/v1/morse
Translate text to Morse code and back
xn-
/api/v1/punycode
Encode and decode internationalized domain names
{}
/api/v1/json
Format, minify, and validate JSON payloads

API examples

Base64 encode:

curl 'https://encode-decode.org/api/v1/base64?action=encode&input=hello'
# → { "result": "aGVsbG8=", "tool": "base64", "action": "encode" }

SHA-256 hash via POST:

curl -X POST https://encode-decode.org/api/v1/hash \
  -H 'content-type: application/json' \
  -d '{ "action": "encode", "input": "hello", "options": { "algorithm": "sha-256" } }'

Rate limits & abuse

The free tier is 10,000 requests per IP per UTC day. Requests above that limit return 429 Too Many Requests with a Retry-After header. Cache repeated results when you use the API in production workflows.

All input is processed in memory and discarded after the response is sent. No request body is ever logged.