Get started in minutes with our straightforward API. One endpoint, clear responses, no complexity.
Sign up for a free account and find your API key in the dashboard.
POST your form data to our API endpoint with your API key.
Check if the submission is spam and process accordingly.
POST https://forms.nomospam.dev/api/forms/submit Content-Type: application/json
X-API-Key: your_api_key_here{
"email": "user@example.com",
"name": "John Doe",
"message": "I'm interested in your services",
"ip": "192.168.1.1",
"user_agent": "Mozilla/5.0...",
"referer": "https://yoursite.com/contact",
"honeypot": "",
"submit_time": 15.2,
"fields": {
"company": "Acme Corp",
"phone": "+1234567890"
}
}email REQUIRED The email address from the form submission
message REQUIRED The main message content
ip OPTIONAL Client IP address (helps with detection)
honeypot OPTIONAL Hidden field value (should be empty for humans)
submit_time OPTIONAL Time in seconds to complete the form
fields OPTIONAL Additional form fields as key-value pairs
{
"success": true,
"is_spam": false,
"score": 0.12,
"reasons": [],
"id": "sub_1234567890"
}{
"success": true,
"is_spam": true,
"score": 0.94,
"reasons": [
"honeypot_filled",
"suspicious_content",
"disposable_email"
],
"id": "sub_1234567891"
}is_spam Boolean indicating if submission is spam
score Spam probability score (0.0 to 1.0)
reasons Array of detection reasons if spam
id Unique submission ID for reference
const response = await fetch('https://forms.nomospam.dev/api/forms/submit', {
method: 'POST',
headers: {
'Content-Type': 'application/json',
'X-API-Key': 'your_api_key_here'
},
body: JSON.stringify({
email: formData.email,
name: formData.name,
message: formData.message,
honeypot: formData.honeypot || '',
submit_time: (Date.now() - startTime) / 1000
})
});
const result = await response.json();
if (result.is_spam) {
// <T key="docs.codeComments.handleSpam" />
console.log('<T key="docs.codeComments.spamDetected" />', result.reasons);
} else {
// <T key="docs.codeComments.processLegitimate" />
await saveToDatabase(formData);
}import requests
import time
start_time = time.time()
# After form submission
response = requests.post(
'https://forms.nomospam.dev/api/forms/submit',
headers={
'Content-Type': 'application/json',
'X-API-Key': 'your_api_key_here'
},
json={
'email': form_data['email'],
'name': form_data['name'],
'message': form_data['message'],
'honeypot': form_data.get('honeypot', ''),
'submit_time': time.time() - start_time
}
)
result = response.json()
if result['is_spam']:
# <T key="docs.codeComments.handleSpamShort" />
print(f"<T key="docs.codeComments.spamDetected" /> {result['reasons']}")
else:
# <T key="docs.codeComments.processLegitimateShort" />
save_to_database(form_data)$data = [
'email' => $_POST['email'],
'name' => $_POST['name'],
'message' => $_POST['message'],
'honeypot' => $_POST['honeypot'] ?? '',
'submit_time' => microtime(true) - $_SESSION['form_start_time']
];
$ch = curl_init('https://forms.nomospam.dev/api/forms/submit');
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($data));
curl_setopt($ch, CURLOPT_HTTPHEADER, [
'Content-Type: application/json',
'X-API-Key: your_api_key_here'
]);
$response = curl_exec($ch);
$result = json_decode($response, true);
if ($result['is_spam']) {
// <T key="docs.codeComments.handleSpamShort" />
error_log('<T key="docs.codeComments.spamDetected" /> ' . implode(', ', $result['reasons']));
} else {
// <T key="docs.codeComments.processLegitimateShort" />
save_to_database($data);
}Missing required fields or invalid data format
Invalid or missing API key
Rate limit exceeded for your API key
Server error - please retry or contact support
| PLAN | REQUESTS/MINUTE | REQUESTS/MONTH |
|---|---|---|
| Free | 10 | 100 |
| Pro | 100 | 10,000 |
| Enterprise | Unlimited | Unlimited |
Get real-time notifications when forms are submitted. Configure webhooks to receive detailed submission data and status updates.
Configure your webhook settings in the dashboard to receive notifications:
Webhook URL The endpoint that will receive webhook notifications
Webhook Secret Secret key for verifying webhook signatures
Include Error Details Include detailed error information in webhook payload
Include Webhook Status Return webhook delivery status in API response
{
"event": "form.submission",
"data": {
"submission_id": "sub_1234567890",
"form_id": "form_abc123",
"status": "processed",
"submitted_at": "2024-01-15T10:30:00Z",
"data": {
"email": "user@example.com",
"name": "John Doe",
"message": "Contact message content"
},
"metadata": {
"ip_address": "192.168.1.1",
"user_agent": "Mozilla/5.0..."
},
"spam_detection": {
"is_spam": false,
"confidence_score": 0.12,
"signals": []
}
},
"timestamp": "2024-01-15T10:30:01Z"
}X-NMS-Signature HMAC-SHA256 signature of the payload
X-NMS-Timestamp ISO 8601 timestamp of the webhook event
When 'Include Webhook Status' is enabled, the API response includes webhook delivery information:
{
"success": true,
"data": {
"id": "sub_1234567890",
"status": "processed",
"message": "Thank you for your submission",
"webhook_status": {
"delivered": true,
"status": "processed",
"errors": [],
"details": {
"webhook": {
"sent": true,
"url": "https://your-site.com/webhook",
"status_code": 200,
"response_time_ms": 145
}
}
}
}
}Verify webhook authenticity using HMAC-SHA256:
const crypto = require('crypto');
// Verify webhook signature
const signature = request.headers['x-nms-signature'];
const timestamp = request.headers['x-nms-timestamp'];
const payload = JSON.stringify(request.body);
const expectedSignature = crypto
.createHmac('sha256', webhookSecret)
.update(payload)
.digest('hex');
if (signature === expectedSignature) {
// Webhook is authentic
processWebhook(request.body);
}