You should always validate your JWT locally.
As outlined in this doc, you need to make sure, at a minimum, that the aud, roles, and iss claims are as expected, and that can only be done by looking at a JWT and examining those claims. If you use a library that supports JWKS, doing this should be super simple.
Note that the FusionAuth API endpoint validates JWTs at a basic level. It ensures that the JWT hasn't expired and that it was signed correctly.
The reasons to use the API endpoint are:
If you have an HMAC signed JWT and you don't want to share the secret with the JWT consumer If you have no JWT library that is available (whether because it hasn't been written, or you don't want to deploy it with your application) You are willing to accept a network call instead of loading up a such a library