API Reference

Complete reference for the Contact Form API endpoint

Endpoint

POST /api/contact-api/

Submit contact form data with verification key authentication

Required Parameters

Parameter Type Description
access_key string Your verification key obtained from the authentication endpoint
email string Sender's email address
message string Message content

Optional Parameters

Parameter Type Default Description
subject string Auto-generated Email subject line
success_url string /contact/success/ Custom redirect URL on success
error_url string /contact/error/ Custom redirect URL on error
not_email_sent boolean false Skip sending email (submission still saved)

Custom Fields

Any additional fields in your request will be stored as custom fields:

{
  "access_key": "ABC123",
  "email": "user@example.com",
  "message": "Hello!",
  "name": "John Doe",
  "phone": "+1234567890",
  "company": "Acme Inc"
}

name, phone, and company will be stored as custom fields.

File Uploads

Limits: Maximum 10 files, 10MB per file

Use multipart/form-data content type for file uploads: 

<form action="/api/contact-api/" method="POST" enctype="multipart/form-data">
  <input type="hidden" name="access_key" value="ABC123" />
  <input type="email" name="email" required />
  <textarea name="message" required></textarea>
  <input type="file" name="attachment" multiple />
  <button type="submit">Send</button>
</form>

Response Formats

Success Response (200)

{
  "success": true,
  "message": "Your message has been sent successfully.",
  "submission_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "attachments": 2,
  "email_status": "sent"
}

Error Response (400/500)

{
  "success": false,
  "message": "Missing required fields.",
  "errors": {
    "__all__": ["Missing required fields."],
    "email": ["This field is required."]
  }
}

Rate Limiting

Rate Limit

Limit: 1 request per 3 seconds per IP address

Error (429): "Too many requests. Please wait 3 seconds before trying again."

CORS Support

The API supports cross-origin requests with the following headers:

  • Access-Control-Allow-Origin: *
  • Access-Control-Allow-Methods: POST, OPTIONS
  • Access-Control-Allow-Headers: Content-Type, X-Requested-With, Accept