Forms and Beacons API

Browser-safe public endpoints for form schemas, form submissions, and beacon configs.

Forms and Beacons API

Forms and beacons expose browser-safe public endpoints under /api. These endpoints do not use API keys.

Get Form Schema

bash
curl https://api.rogeriq.com/api/forms/contact/public

The id path parameter can be a form ID or slug.

Submit Form

bash
curl https://api.rogeriq.com/api/f/contact \  -H "Content-Type: application/json" \  -H "Origin: https://example.com" \  -d '{    "email": "ada@example.com",    "message": "I need help."  }'

Supported content types:

  • application/json
  • multipart/form-data
  • standard HTML form POST bodies

Get Beacon Config

bash
curl https://api.rogeriq.com/api/beacons/bcn_123/public

The response includes:

  • beacon appearance
  • linked form schema
  • allowed origins
  • Turnstile site key
  • FingerprintIQ public key

Security Model

These endpoints are public by design. Protection comes from:

  • origin checks
  • per-IP rate limits
  • honeypot fields
  • FingerprintIQ evaluation
  • hosted-page Turnstile
  • archived form/beacon checks

Do not add API-key authentication to browser form submissions. Use origin and spam controls instead.

Previous Webhooks API
Next Errors
Ask a question... ⌘I