backend: leave the JSON conversion to SafeRequest
The PR introduced a bug, causing the `data` to by converted into JSON
twice. When doing `json.loads` on keygen, the data is still string.
The reason why didn't discover the issue earlier is because we had two
tests with the same name (`test_create_user_keys`) and therefore one
of them wasn't being executed.
See PR#2166
Merges: #2177