diff --git a/vanilla.go b/.vanilla.go
similarity index 100%
rename from vanilla.go
rename to .vanilla.go
diff --git a/go.mod b/go.mod
index 99cc719..c91ecee 100644
--- a/go.mod
+++ b/go.mod
@@ -2,14 +2,4 @@ module echo-server
 
 go 1.20
 
-require (
-	gitlab-app.eng.qops.net/golang/jwt v1.3.0
-	golang.org/x/crypto v0.8.0
-)
-
-require (
-	github.com/alexcesaro/statsd v2.0.0+incompatible // indirect
-	github.com/golang-jwt/jwt/v4 v4.4.1 // indirect
-	gitlab-app.eng.qops.net/golang/metrics/v2 v2.0.0 // indirect
-	gitlab-app.eng.qops.net/golang/qtoken v1.0.1 // indirect
-)
+require golang.org/x/crypto v0.8.0
diff --git a/go.sum b/go.sum
index 64be912..66fe607 100644
--- a/go.sum
+++ b/go.sum
@@ -1,14 +1,2 @@
-github.com/alexcesaro/statsd v2.0.0+incompatible h1:HG17k1Qk8V1F4UOoq6tx+IUoAbOcI5PHzzEUGeDD72w=
-github.com/alexcesaro/statsd v2.0.0+incompatible/go.mod h1:vNepIbQAiyLe1j480173M6NYYaAsGwEcvuDTU3OCUGY=
-github.com/golang-jwt/jwt/v4 v4.4.1 h1:pC5DB52sCeK48Wlb9oPcdhnjkz1TKt1D/P7WKJ0kUcQ=
-github.com/golang-jwt/jwt/v4 v4.4.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
-gitlab-app.eng.qops.net/golang/jwt v1.3.0 h1:+DPpWuz1qLcAT3HhcTyrbKF35Z310U0sb7EL68K2X/s=
-gitlab-app.eng.qops.net/golang/jwt v1.3.0/go.mod h1:z6jtur6CCEknerWN+TMrzjdblbqbe7Xoeg8Egsyuh/c=
-gitlab-app.eng.qops.net/golang/metrics/v2 v2.0.0 h1:bZ8sE1e/+Q6j/5hk8UvLRsg7RDo6GYH3s96dMXMbyCM=
-gitlab-app.eng.qops.net/golang/metrics/v2 v2.0.0/go.mod h1:3t9G/KnpMPKci08VpOUzPj7oSk7V1iLCM6yV6/PQZss=
-gitlab-app.eng.qops.net/golang/qtoken v1.0.1 h1:JP0TeZssYXZvPWrxahQVnklrmLcUXLasnWAXvlRjZvE=
-gitlab-app.eng.qops.net/golang/qtoken v1.0.1/go.mod h1:7Hd83PrhqrStQf3RDcI8AYZo0iNaGOo11Faf/U45yBA=
 golang.org/x/crypto v0.8.0 h1:pd9TJtTueMTVQXzk8E2XESSMQDj/U7OUu0PqJqPXQjQ=
 golang.org/x/crypto v0.8.0/go.mod h1:mRqEX+O9/h5TFCrQhkgjo2yKi0yYA+9ecGkdQoHrywE=
-gopkg.in/alexcesaro/statsd.v2 v2.0.0 h1:FXkZSCZIH17vLCO5sO2UucTHsH9pc+17F6pl3JVCwMc=
-gopkg.in/alexcesaro/statsd.v2 v2.0.0/go.mod h1:i0ubccKGzBVNBpdGV5MocxyA/XlLUJzA7SLonnE4drU=
diff --git a/main.go b/main.go
index d1a29ce..460bc93 100755
--- a/main.go
+++ b/main.go
@@ -13,7 +13,6 @@ import (
 	"os/signal"
 	"time"
 
-	"gitlab-app.eng.qops.net/golang/jwt"
 	"golang.org/x/crypto/pkcs12"
 )
 
@@ -34,7 +33,6 @@ func main() {
 	block := flag.Int("block", 0, "seconds to block connections")
 	status := flag.Int("status", http.StatusOK, "status to always return")
 	body := flag.String("body", "", "body to always return")
-	jwt := flag.String("jwt", envOrDefault("SECRET", ""), "secret for JWT")
 	flag.Parse()
 
 	// start server
@@ -43,7 +41,7 @@ func main() {
 	} else if *tcp {
 		startTCP(*port, *fail, *block)
 	} else {
-		startHTTP(*port, *fail, *block, *jwt, *crt, *key, *status, *body)
+		startHTTP(*port, *fail, *block, *crt, *key, *status, *body)
 	}
 
 	// catch stop
@@ -99,10 +97,10 @@ func startTCP(port string, fail bool, block int) {
 	}()
 }
 
-func startHTTP(port string, fail bool, block int, secret, crt, key string, status int, body string) {
+func startHTTP(port string, fail bool, block int, crt, key string, status int, body string) {
 	srv := &http.Server{
 		Addr:    ":" + port,
-		Handler: makeHTTPHandler(fail, block, secret, status, body),
+		Handler: makeHTTPHandler(fail, block, status, body),
 	}
 	go func() {
 		if crt == "" || key == "" {
@@ -143,20 +141,20 @@ func startHTTP(port string, fail bool, block int, secret, crt, key string, statu
 	log.Println("Listening on", srv.Addr)
 }
 
-func makeHTTPHandler(fail bool, block int, secret string, status int, body string) http.HandlerFunc {
+func makeHTTPHandler(fail bool, block int, status int, body string) http.HandlerFunc {
 	if block > 0 {
-		return blockH(block, fail, secret, status, body)
+		return blockH(block, fail, status, body)
 	} else if fail {
 		return http.HandlerFunc(failH)
 	}
-	return echoH(secret, status, body)
+	return echoH(status, body)
 }
 
 func failH(w http.ResponseWriter, r *http.Request) {
 	w.WriteHeader(http.StatusInternalServerError)
 }
 
-func blockH(block int, fail bool, secret string, status int, body string) http.HandlerFunc {
+func blockH(block int, fail bool, status int, body string) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		select {
 		case <-time.After(time.Second * time.Duration(block)):
@@ -169,26 +167,16 @@ func blockH(block int, fail bool, secret string, status int, body string) http.H
 		if fail {
 			w.WriteHeader(http.StatusInternalServerError)
 		} else {
-			echoH(secret, status, body)(w, r)
+			echoH(status, body)(w, r)
 		}
 	}
 }
 
-func echoH(secret string, status int, body string) http.HandlerFunc {
+func echoH(status int, body string) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 		log.Println("METHOD:", r.Method)
 		log.Println("URL:", r.URL.String())
 		log.Println("HEADER:", r.Header)
-		if secret != "" {
-			verifier := jwt.Verifier{Key: []byte(secret)}
-			_, err := verifier.Verify(r)
-			if err != nil {
-				w.WriteHeader(http.StatusUnauthorized)
-				fmt.Fprintln(w, "ERR: failed verifying jwt:", err)
-				log.Println("ERR: failed verifying jwt:", err)
-				return
-			}
-		}
 		b, err := ioutil.ReadAll(r.Body)
 		if err != nil {
 			return